Filtered by vendor Openpkg Subscriptions
Filtered by product Openpkg Subscriptions
Total 27 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0413 2 Openpkg, Subversion 2 Openpkg, Subversion 2024-11-20 N/A
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
CVE-2004-0333 4 Gentoo, Openpkg, Uudeview and 1 more 4 Linux, Openpkg, Uudeview and 1 more 2024-11-20 N/A
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
CVE-2003-0615 4 Cgi.pm, Debian, Openpkg and 1 more 5 Cgi.pm, Debian Linux, Openpkg and 2 more 2024-11-20 N/A
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
CVE-2003-0190 4 Openbsd, Openpkg, Redhat and 1 more 8 Openssh, Openpkg, Enterprise Linux and 5 more 2024-11-20 N/A
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
CVE-2003-0147 4 Openpkg, Openssl, Redhat and 1 more 6 Openpkg, Openssl, Enterprise Linux and 3 more 2024-11-20 N/A
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
CVE-2002-0985 3 Openpkg, Php, Redhat 6 Openpkg, Php, Enterprise Linux and 3 more 2024-11-20 N/A
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
CVE-2002-0083 9 Conectiva, Engardelinux, Immunix and 6 more 11 Linux, Secure Linux, Immunix and 8 more 2024-11-20 9.8 Critical
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.