Lucene search
K

70 matches found

OSV
OSV
added 2008/11/01 12:0 a.m.6 views

CVE-2008-4867

Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCAMAXFRAMESIZE value...

6.9AI score
Exploits0References12
EUVD
EUVD
added 2008/08/15 12:0 a.m.1 views

EUVD-2008-3644

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

7.5CVSS7.6AI score0.06847EPSS
Exploits1References46
Prion
Prion
added 2007/11/20 7:46 p.m.20 views

Design/Logic Flaw

PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service application crash via a long string in 1 the domain parameter to the dgettext function, the message parameter to the 2 dcgettext or 3 gettext function, the msgid1 parameter to the 4 dngettext or 5 ngettext...

2.1CVSS7.3AI score0.01027EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2007/08/25 12:17 a.m.19 views

CVE-2007-4528

The Foreign Function Interface ffi extension in PHP 5.0.5 does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does n...

4.3CVSS7.5AI score0.04703EPSS
Exploits0References1
NVD
NVD
added 2007/06/04 5:30 p.m.28 views

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

5CVSS7.5AI score0.02695EPSS
Exploits0References13
Cvelist
Cvelist
added 2007/06/04 5:0 p.m.48 views

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

7.4AI score0.02695EPSS
Exploits0References13
Cvelist
Cvelist
added 2007/05/16 10:0 p.m.35 views

CVE-2007-2727

The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...

7.5AI score0.0186EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2007/04/10 11:19 p.m.2 views

CVE-2007-1926

Cross-site scripting XSS vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via 1 http or 2 ftp requests logged in /var/log/directadmin/security.log; 3 allows context-dependent...

6.8CVSS5.6AI score0.01551EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2006/07/12 6:6 p.m.6 views

security flaw

Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different...

5CVSS6.4AI score0.1038EPSS
Exploits2References4
NVD
NVD
added 2006/06/01 1:2 a.m.31 views

CVE-2006-2719

JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HRStaff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords...

4.9CVSS7AI score0.00452EPSS
Exploits1References5
Rows per page
Query Builder