Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2672 | 1 Lm Sensors | 1 Lm Sensors | 2018-10-03 | 2.1 LOW | N/A |
| pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file. | |||||
| CVE-2005-3272 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 5.0 MEDIUM | N/A |
| Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. | |||||
| CVE-2005-3256 | 1 Enigmail | 1 Enigmail | 2018-10-03 | 5.0 MEDIUM | N/A |
| The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message. | |||||
| CVE-2005-3271 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 2.1 LOW | N/A |
| Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user. | |||||
| CVE-2005-2966 | 1 Dia | 1 Dia | 2018-10-03 | 5.1 MEDIUM | N/A |
| The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file. | |||||
| CVE-2005-2971 | 1 Kde | 1 Koffice | 2018-10-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. | |||||
| CVE-2005-2958 | 1 Gnome | 1 Libgda2 | 2018-10-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code. | |||||
| CVE-2005-0990 | 1 Gnu | 1 Sharutils | 2018-10-03 | 2.1 LOW | N/A |
| unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. | |||||
| CVE-2005-0866 | 1 Cdrtools | 1 Cdrecord | 2018-10-03 | 2.1 LOW | N/A |
| cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-1527 | 2 Awstats, Ubuntu | 2 Awstats, Ubuntu Linux | 2018-10-03 | 5.0 MEDIUM | N/A |
| Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call. | |||||
| CVE-2005-1739 | 2 Graphicsmagick, Imagemagick | 2 Graphicsmagick, Imagemagick | 2018-10-03 | 5.0 MEDIUM | N/A |
| The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask. | |||||
| CVE-2005-2353 | 1 Mozilla | 1 Thunderbird | 2018-10-03 | 2.1 LOW | N/A |
| run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-1686 | 1 Gnome | 1 Gedit | 2018-10-03 | 2.6 LOW | N/A |
| Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries. | |||||
| CVE-2005-2549 | 1 Gnome | 1 Evolution | 2018-10-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. | |||||
| CVE-2005-1765 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 2.1 LOW | N/A |
| syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments. | |||||
| CVE-2005-2452 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 5.0 MEDIUM | N/A |
| libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804. | |||||
| CVE-2004-1058 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2018-10-03 | 1.2 LOW | N/A |
| Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. | |||||
| CVE-2004-0983 | 4 Gentoo, Mandrakesoft, Ubuntu and 1 more | 5 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2018-10-03 | 5.0 MEDIUM | N/A |
| The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. | |||||
| CVE-2004-1010 | 1 Info-zip | 1 Zip | 2018-10-03 | 10.0 HIGH | N/A |
| Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname. | |||||
| CVE-2005-0201 | 1 D-bus | 1 D-bus | 2018-10-03 | 2.1 LOW | N/A |
| D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket. | |||||