The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.
Max CVSS
5.0
EPSS Score
1.02%
Published
2006-06-01
Updated
2018-10-18
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.
Max CVSS
5.0
EPSS Score
0.65%
Published
2006-09-12
Updated
2011-03-08
The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.
Max CVSS
5.0
EPSS Score
0.22%
Published
2006-02-23
Updated
2018-10-30
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Max CVSS
5.0
EPSS Score
0.52%
Published
2005-12-31
Updated
2018-10-19
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Max CVSS
5.0
EPSS Score
1.28%
Published
2005-12-31
Updated
2018-10-19
Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).
Max CVSS
5.0
EPSS Score
1.60%
Published
2005-10-27
Updated
2008-09-10
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
Max CVSS
5.0
EPSS Score
1.01%
Published
2005-04-14
Updated
2018-10-30
Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.
Max CVSS
5.0
EPSS Score
1.44%
Published
2005-03-14
Updated
2017-07-11
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
Max CVSS
5.0
EPSS Score
3.86%
Published
2005-03-14
Updated
2017-10-11
Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
Max CVSS
5.0
EPSS Score
5.72%
Published
2005-03-15
Updated
2018-10-03
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
Max CVSS
5.0
EPSS Score
4.52%
Published
2004-12-31
Updated
2022-02-28
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
Max CVSS
5.1
EPSS Score
0.41%
Published
2004-12-31
Updated
2017-07-11
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
Max CVSS
5.0
EPSS Score
0.32%
Published
2005-04-14
Updated
2017-07-11
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
Max CVSS
5.0
EPSS Score
0.58%
Published
2004-12-15
Updated
2017-10-11
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
Max CVSS
5.0
EPSS Score
2.47%
Published
2004-12-15
Updated
2017-10-11
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
Max CVSS
5.0
EPSS Score
0.85%
Published
2004-12-15
Updated
2017-10-11
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
Max CVSS
5.0
EPSS Score
0.87%
Published
2005-04-14
Updated
2017-07-11
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
Max CVSS
5.0
EPSS Score
0.87%
Published
2005-04-14
Updated
2017-07-11
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
Max CVSS
5.0
EPSS Score
0.87%
Published
2005-04-14
Updated
2017-07-11
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
Max CVSS
5.0
EPSS Score
0.87%
Published
2005-04-14
Updated
2017-07-11
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
Max CVSS
5.0
EPSS Score
0.87%
Published
2005-04-14
Updated
2017-07-11
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
Max CVSS
5.0
EPSS Score
0.54%
Published
2005-01-10
Updated
2019-12-17
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
Max CVSS
5.0
EPSS Score
5.28%
Published
2005-01-27
Updated
2017-10-11
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Max CVSS
5.0
EPSS Score
3.56%
Published
2004-09-13
Updated
2017-10-11
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
Max CVSS
5.1
EPSS Score
5.78%
Published
2004-12-31
Updated
2017-07-11
36 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!