Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-0249 | 2 Canonical, Haxx | 3 Ubuntu Linux, Curl, Libcurl | 2016-12-07 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message. | |||||
CVE-2008-5027 | 2 Nagios, Op5 | 2 Nagios, Monitor | 2016-12-07 | 6.5 MEDIUM | N/A |
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via (a) a custom form or (b) a browser addon. | |||||
CVE-2009-4901 | 1 Muscle | 1 Pcsc-lite | 2016-12-07 | 2.1 LOW | N/A |
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407. | |||||
CVE-2010-0407 | 1 Muscle | 1 Pcsc-lite | 2016-12-07 | 6.8 MEDIUM | N/A |
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. | |||||
CVE-2010-2761 | 1 Andy Armstrong | 2 Cgi-simple, Cgi.pm | 2016-12-07 | 4.3 MEDIUM | N/A |
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172. | |||||
CVE-2010-4352 | 1 D-bus Project | 1 D-bus | 2016-12-07 | 2.1 LOW | N/A |
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants. | |||||
CVE-2010-4410 | 1 Andy Armstrong | 2 Cgi-simple, Cgi.pm | 2016-12-07 | 4.3 MEDIUM | N/A |
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172. | |||||
CVE-2010-5301 | 1 Senkas | 1 Kolibri | 2016-12-07 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD request. | |||||
CVE-2005-2797 | 1 Openbsd | 1 Openssh | 2016-12-07 | 5.0 MEDIUM | N/A |
OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality. | |||||
CVE-2006-0512 | 1 Padl Software | 1 Migrationtools | 2016-12-07 | 2.1 LOW | N/A |
PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh. | |||||
CVE-2006-5084 | 1 Skype Technologies | 1 Skype | 2016-12-07 | 7.5 HIGH | N/A |
Format string vulnerability in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed Skype URL, as originally reported to involve a null dereference. | |||||
CVE-2001-1390 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 6.2 MEDIUM | N/A |
Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages. | |||||
CVE-2001-1392 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | |||||
CVE-2001-1393 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang). | |||||
CVE-2001-1394 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service. | |||||
CVE-2001-1395 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 3.6 LOW | N/A |
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact. | |||||
CVE-2001-1396 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 3.6 LOW | N/A |
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact. | |||||
CVE-2001-1397 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory. | |||||
CVE-2001-1398 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 7.5 HIGH | N/A |
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability. | |||||
CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||