Lucene search
K

294 matches found

NVD
NVD
added 2008/08/13 12:41 a.m.17 views

CVE-2008-2245

Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System MSCMS in the Image Color Management ICM component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code...

9.3CVSS7.7AI score0.46142EPSS
Exploits1References11
OSV
OSV
added 2008/04/22 4:41 a.m.1 views

DEBIAN-CVE-2008-1102

Stack-based buffer overflow in the imbloadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image...

6.8CVSS7.9AI score0.03885EPSS
Exploits1References1
OSV
OSV
added 2007/02/03 11:28 p.m.9 views

CVE-2007-0472

Multiple race conditions in Smb4K before 0.8.0 allow local users to 1 modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the removelockfile function in core/smb4kfileio.cpp, and 2 add lines to the sudoers file via a symlink attack on...

6.6AI score
Exploits0References15
OSV
OSV
added 2006/04/06 10:4 a.m.2 views

DEBIAN-CVE-2006-1655

Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: this issue might be related to CVE-2004-0991, but it is not clear...

6.5CVSS6.8AI score0.01557EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2005/02/09 12:0 a.m.30 views

ArGoSoft FTP Server < 1.4.2.8 Multiple .LNK File Handling Vulnerabilities

The remote host is running the ArGoSoft FTP Server. It is reported that ArGoSoft FTP Server allows an attacker to upload shortcut .LNK files via either a 'SITE UNZIP' or 'SITE COPY' command and gain read and write access to any files and directories on the FTP server. C Tenable Network Security,...

10CVSS5.6AI score0.03781EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.22 views

CVE-2004-1150

Stack-based buffer overflow in the incdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long 1 device name or 2 sound track number, as demonstrated with a .m3u or .pls playlist file...

7.9AI score0.08708EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/01/19 5:0 a.m.25 views

CVE-2004-1306

Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file...

8AI score0.34537EPSS
Exploits1References4
OSV
OSV
added 2005/01/11 5:0 a.m.7 views

CVE-2004-0991

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files...

7.7AI score
Exploits0References7
NVD
NVD
added 2005/01/10 5:0 a.m.34 views

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

2.1CVSS6.2AI score0.01145EPSS
Exploits2References13
Packet Storm
Packet Storm
added 2004/10/01 12:0 a.m.32 views

phpPOC.txt

PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php "; if isuploadedfile$FILES'userfile''tmpname' && moveuploadedfile$FILES'userfile''tmpname', $uploadfile print "File is valid, and was successfull...

7.4AI score
Exploits0
NVD
NVD
added 2002/07/03 4:0 a.m.11 views

CVE-2002-0552

Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a long argument in the /yell command, 2 long lines in the /etc/melange.conf configuration file, 3 long file names, or possibly other...

7.5CVSS8AI score0.08618EPSS
Exploits1References8
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.19 views

CVE-2000-0565

SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alternate user configuration file via a .. dot dot attack...

6.5AI score0.00483EPSS
Exploits1References4
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.25 views

CVE-2000-0811

Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. dot dot attack on the username or bidfile form fields...

6.7AI score0.01562EPSS
Exploits1References3
exploitpack
exploitpack
added 1996/03/01 12:0 a.m.12 views

Microsoft IIS 1.0 Netscape Server 1.01.12 OReilly WebSite Professional 1.1b - .cmd .CMD Remote Command Execution

Microsoft IIS 1.0 Netscape Server 1.01.12 OReilly WebSite Professional 1.1b - .cmd .CMD Remote Command Execution IIS 1.0,Netscape Commerce Server 1.0/Communications Server 1.12,OReilly Software WebSite Professional 1.1 b BAT/.CMD Remote Command Execution source:...

1AI score
Exploits0
Rows per page
Query Builder