Filtered by vendor Sgi
Subscriptions
Total
258 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0519 | 3 Redhat, Sgi, Squirrelmail | 3 Enterprise Linux, Propack, Squirrelmail | 2024-08-08 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. | ||||
CVE-2004-0520 | 4 Open Webmail, Redhat, Sgi and 1 more | 4 Open Webmail, Enterprise Linux, Propack and 1 more | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. | ||||
CVE-2004-0506 | 3 Ethereal Group, Redhat, Sgi | 3 Ethereal, Enterprise Linux, Propack | 2024-08-08 | N/A |
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference. | ||||
CVE-2004-0492 | 6 Apache, Hp, Ibm and 3 more | 8 Http Server, Virtualvault, Vvos and 5 more | 2024-08-08 | N/A |
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. | ||||
CVE-2004-0483 | 1 Sgi | 1 Irix | 2024-08-08 | N/A |
Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests. | ||||
CVE-2004-0424 | 4 Linux, Redhat, Sgi and 1 more | 4 Linux Kernel, Enterprise Linux, Propack and 1 more | 2024-08-08 | N/A |
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | ||||
CVE-2004-0418 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2024-08-08 | N/A |
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | ||||
CVE-2004-0417 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2024-08-08 | N/A |
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | ||||
CVE-2004-0414 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2024-08-08 | N/A |
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | ||||
CVE-2004-0416 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2024-08-08 | N/A |
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. | ||||
CVE-2004-0231 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." | ||||
CVE-2004-0234 | 8 Clearswift, F-secure, Rarlab and 5 more | 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more | 2024-08-08 | N/A |
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | ||||
CVE-2004-0105 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-08-08 | N/A |
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | ||||
CVE-2004-0134 | 1 Sgi | 1 Irix | 2024-08-08 | N/A |
cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. | ||||
CVE-2004-0233 | 4 Redhat, Sgi, Slackware and 1 more | 5 Enterprise Linux, Linux, Propack and 2 more | 2024-08-08 | N/A |
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files. | ||||
CVE-2004-0235 | 8 Clearswift, F-secure, Rarlab and 5 more | 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more | 2024-08-08 | N/A |
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). | ||||
CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-08-08 | N/A |
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | ||||
CVE-2004-0148 | 3 Redhat, Sgi, Washington University | 3 Enterprise Linux, Propack, Wu-ftpd | 2024-08-08 | N/A |
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||||
CVE-2004-0136 | 1 Sgi | 1 Irix | 2024-08-08 | N/A |
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary." | ||||
CVE-2004-0232 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. |