Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.
Max CVSS
4.4
EPSS Score
0.29%
Published
2008-01-31
Updated
2017-09-29
Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors.
Max CVSS
7.8
EPSS Score
3.87%
Published
2008-01-30
Updated
2017-08-08
The replace_inline_img function in elogd in Electronic Logbook (ELOG) before 2.7.1 allows remote attackers to cause a denial of service (infinite loop) via crafted logbook entries. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.92%
Published
2008-01-25
Updated
2017-08-08
HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allows remote attackers to cause a denial of service (daemon crash) via a long account name.
Max CVSS
5.0
EPSS Score
10.97%
Published
2008-01-29
Updated
2018-10-15
Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an HTTP request with a long method string to port 443/tcp.
Max CVSS
10.0
EPSS Score
84.91%
Published
2008-01-23
Updated
2017-08-08
OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-01-22
Updated
2018-10-30
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow.
Max CVSS
9.3
EPSS Score
1.68%
Published
2008-01-22
Updated
2024-02-02
Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hostname.
Max CVSS
6.8
EPSS Score
2.27%
Published
2008-01-22
Updated
2018-10-15
CORE FORCE before 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-01-18
Updated
2018-10-15
Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-01-18
Updated
2018-10-15
Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service (application crash) via a long Unicode string representing a client version identifier.
Max CVSS
5.0
EPSS Score
6.20%
Published
2008-01-18
Updated
2018-10-15
The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
Max CVSS
7.8
EPSS Score
1.90%
Published
2008-01-18
Updated
2017-09-29
Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests.
Max CVSS
7.8
EPSS Score
1.39%
Published
2008-01-17
Updated
2017-08-08
Open System Consultants (OSC) Radiator before 4.0 allows remote attackers to cause a denial of service (daemon crash) via malformed RADIUS requests, as demonstrated by packets sent by nmap.
Max CVSS
7.8
EPSS Score
2.43%
Published
2008-01-17
Updated
2017-08-08
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-01-17
Updated
2017-09-29
KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.
Max CVSS
4.3
EPSS Score
4.95%
Published
2008-01-16
Updated
2018-10-15
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
Max CVSS
10.0
EPSS Score
0.92%
Published
2008-01-16
Updated
2017-09-29
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
Max CVSS
8.5
EPSS Score
4.49%
Published
2008-01-16
Updated
2017-09-29
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
Max CVSS
5.0
EPSS Score
4.12%
Published
2008-01-16
Updated
2008-09-05
Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-01-15
Updated
2018-10-30
The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to cause a denial of service (port exhaustion) via unspecified vectors.
Max CVSS
5.0
EPSS Score
3.78%
Published
2008-01-15
Updated
2011-03-08
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.92%
Published
2008-01-15
Updated
2017-08-08
Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors.
Max CVSS
7.8
EPSS Score
0.23%
Published
2008-01-12
Updated
2017-08-08
yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
Max CVSS
7.5
EPSS Score
34.54%
Published
2008-01-10
Updated
2018-10-15
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI.
Max CVSS
5.0
EPSS Score
1.85%
Published
2008-01-10
Updated
2018-10-15
63 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!