| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. |
| Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. |
| The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. |
| Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. |
| Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
| Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. |
| The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. |
| Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. |
| Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. |
| The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address. |
| sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges. |
| Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. |
| Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. |
| fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state. |
| The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference. |
| Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. |
| Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. |
| The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. |
| Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. |
