Perl-Compatible Regular Expression (PCRE) library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service (crash) via a regular expression with a large number of named subpatterns, which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
Max CVSS
4.3
EPSS Score
0.25%
Published
2005-12-31
Updated
2023-02-13
The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-12-31
Updated
2017-07-29
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
Max CVSS
7.1
EPSS Score
0.04%
Published
2005-12-31
Updated
2024-02-16
eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
Max CVSS
4.0
EPSS Score
0.13%
Published
2005-12-31
Updated
2015-07-28
Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call.
Max CVSS
4.3
EPSS Score
0.07%
Published
2005-12-31
Updated
2008-09-05
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
5.0
EPSS Score
0.19%
Published
2005-12-31
Updated
2009-08-28
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.1
EPSS Score
2.42%
Published
2005-12-31
Updated
2021-07-23
The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.8
EPSS Score
2.51%
Published
2005-12-31
Updated
2021-07-23
The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.1
EPSS Score
2.42%
Published
2005-12-31
Updated
2021-07-23
The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
Max CVSS
7.1
EPSS Score
2.42%
Published
2005-12-31
Updated
2021-07-23
The Outlook Express Address Book control, when using Internet Explorer 6, allows remote attackers to cause a denial of service (NULL dereference and browser crash) by creating the OutlookExpress.AddressBook COM object, which is not intended for use within Internet Explorer.
Max CVSS
4.3
EPSS Score
84.92%
Published
2005-12-31
Updated
2021-07-23
snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.
Max CVSS
10.0
EPSS Score
6.30%
Published
2005-12-31
Updated
2017-10-11
The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission.
Max CVSS
7.1
EPSS Score
3.86%
Published
2005-12-31
Updated
2008-09-10
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
Max CVSS
6.1
EPSS Score
1.73%
Published
2005-12-31
Updated
2018-10-19
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.
Max CVSS
5.7
EPSS Score
0.09%
Published
2005-12-31
Updated
2018-10-30
SMC Wireless Router model SMC7904WBRA allows remote attackers to cause a denial of service (reboot) by flooding the router with traffic.
Max CVSS
5.0
EPSS Score
0.30%
Published
2005-12-31
Updated
2017-07-29
Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function.
Max CVSS
7.5
EPSS Score
0.82%
Published
2005-12-31
Updated
2017-07-29
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
Max CVSS
7.5
EPSS Score
8.52%
Published
2005-12-31
Updated
2008-09-05
Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certain network traffic, possibly involving multiple simultaneous TCP connections.
Max CVSS
5.0
EPSS Score
3.30%
Published
2005-12-31
Updated
2017-07-20
The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.
Max CVSS
7.8
EPSS Score
2.23%
Published
2005-12-31
Updated
2017-07-20
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.
Max CVSS
4.9
EPSS Score
0.06%
Published
2005-12-31
Updated
2017-10-11
Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attackers to cause a denial of service (crash) via a "text/html" HTML Content-type header sent in response to an XMLHttpRequest (AJAX).
Max CVSS
5.0
EPSS Score
3.06%
Published
2005-12-31
Updated
2021-07-23
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors.
Max CVSS
5.0
EPSS Score
11.99%
Published
2005-12-31
Updated
2011-03-08
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.
Max CVSS
5.0
EPSS Score
9.83%
Published
2005-12-31
Updated
2017-10-11
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.
Max CVSS
5.0
EPSS Score
12.46%
Published
2005-12-31
Updated
2017-07-20
844 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!