4290 matches found
Siemens SCALANCE X-200RNA Switch Devices Integer Overflow or Wraparound (CVE-2019-16905)
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing...
SUSE CVE-2004-0964
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file...
SUSE CVE-2004-1071
The binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code...
SUSE CVE-2004-1076
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file...
SUSE CVE-2004-1235
Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...
SUSE CVE-2004-1772
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument...
SUSE CVE-2005-0003
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA virtual memory address allocations, which allows local users to cause a denial of service system crash or execute arbitrary code via a crafted ELF or a.out file...
SUSE CVE-2005-0098
Multiple buffer overflows in the SDL port of abuse abuse-SDL before 2.00 allow local users to execute arbitrary code via the command line...
SUSE CVE-2005-0504
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver moxa.c in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value...
SUSE CVE-2005-3013
Buffer overflow in liby2util in Yet another Setup Tool YaST for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry...
SUSE CVE-2005-4791
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 liferea or 2 banshee...
SUSE CVE-2006-0646
ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an...
SUSE CVE-2006-1744
Buffer overflow in plmain.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call...
SUSE CVE-2006-3739
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics AFM files with a modified number of character metrics StartCharMetrics, which leads to a heap-based buffer overflow...
SUSE CVE-2006-6101
Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data...
SUSE CVE-2006-6102
Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures...
SUSE CVE-2007-1484
The arrayuserkeycompare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zvaldtor, which triggers memory corruption and allows local users to bypass safemode and execute arbitrary code via a certain unset operation after arrayuserkeycompare has been called...
SUSE CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap...
SUSE CVE-2007-5730
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of...
SUSE CVE-2008-2147
Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory...