CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8497 matches found

securityvulns•added 2005/02/08 12:0 a.m.•21 views

AIX chdev format string bug

Format string bug in first command argument...

2.7AI score

Exploits0References1Affected Software1

securityvulns•added 2005/02/08 12:0 a.m.•31 views

iDEFENSE Security Advisory 02.07.05: IBM AIX chdev Local Format String Vulnerability

IBM AIX chdev Local Format String Vulnerability iDEFENSE Security Advisory 02.07.05 http://www.idefense.com/application/poi/display?type=vulnerabilities February 07, 2005 I. BACKGROUND The chdev program is a setuid root application, installed by default under multiple versions of IBM AIX, that...

0.3AI score

Exploits0

Tenable Nessus•added 2005/02/08 12:0 a.m.•429 views

3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS)

The remote host is running the 3Com 3CServer or 3CDaemon FTP server. According to its banner, the version of the 3CServer / 3CDaemon FTP server on the remote host is reportedly affected by multiple buffer overflow and format string vulnerabilities as well as an information leak issue. An attacker...

7.5CVSS5.9AI score0.79303EPSS

Exploits5References6

OSV•added 2005/02/08 12:0 a.m.•21 views

DSA-670-1 emacs20 - format string

Bulletin has no description...

7.5CVSS5.9AI score0.02845EPSS

Exploits0

OSV•added 2005/02/08 12:0 a.m.•20 views

DSA-671-1 xemacs21 - format string

Bulletin has no description...

7.5CVSS5.9AI score0.02845EPSS

Exploits0

Cvelist•added 2005/02/07 5:0 a.m.•22 views

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message...

7.1AI score0.00054EPSS

Exploits0References4

CVE•added 2005/02/07 5:0 a.m.•38 views

CVE-2005-0240

CVE-2005-0240: Format string vulnerability in chdev on IBM AIX 5.2 permits local users to execute arbitrary code via format string specifiers in a command-line argument during error message printing. Affected component: chdev on AIX 5.2. Root cause: improper handling of format strings when printi...

7.2CVSS7.5AI score0.00054EPSS

Exploits0References4Affected Software1

OSV•added 2005/02/07 5:0 a.m.•2 views

DEBIAN-CVE-2005-0100

Format string vulnerability in the movemail utility in 1 Emacs 20.x, 21.3, and possibly other versions, and 2 XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets...

7.5CVSS7.7AI score0.02845EPSS

Exploits0References1

UbuntuCve•added 2005/02/07 5:0 a.m.•27 views

CVE-2005-0100

7.5CVSS6.2AI score0.02845EPSS

Exploits0References2

NVD•added 2005/02/07 5:0 a.m.•12 views

CVE-2005-0100

7.5CVSS7.3AI score0.02845EPSS

Exploits0References12

OSV•added 2005/02/07 5:0 a.m.•6 views

CVE-2005-0100

7.3AI score

Exploits0References18

Cvelist•added 2005/02/06 5:0 a.m.•20 views

CVE-2004-1388

Format string vulnerability in the gpsdreport function for BerliOS GPD daemon gpsd, formerly pygps 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls...

7.5AI score0.74086EPSS

Exploits8References5

CVE•added 2005/02/06 5:0 a.m.•44 views

CVE-2005-0188

CVE-2005-0188 concerns a format-string vulnerability in the SetBaseURL function of the AtHoc toolbar. The issue allows remote attackers to execute arbitrary code by supplying an invalid URL that is recorded in the debug log, leveraging format specifiers. Public references in NVD/CVE records indic...

7.5CVSS8AI score0.02313EPSS

Exploits0References5Affected Software1

CVE•added 2005/02/06 5:0 a.m.•62 views

CVE-2004-1388

CVE-2004-1388 describes a format-string vulnerability in BerliOS GPSD (gpsd, formerly pygps) within the gpsd_report function, affecting versions 1.9.0 through 2.7. An attacker could remotely trigger arbitrary code execution via GPS requests with format specifiers unhandled by syslog calls. Public...

7.5CVSS7.6AI score0.74086EPSS

Exploits8References5Affected Software1

CVE•added 2005/02/06 5:0 a.m.•46 views

CVE-2005-0226

ngIRCd is affected by a format-string vulnerability in Log_Resolver() (log.c) for versions 0.8.2 and earlier when IDENT is enabled, SYSLOG logging is used, and DEBUG is on. This can allow a remote attacker to execute arbitrary code with ngIRCd’s privileges (typically root). Several advisories and...

7.5CVSS7.3AI score0.1001EPSS

Exploits1References4Affected Software1

Cvelist•added 2005/02/06 5:0 a.m.•18 views

CVE-2005-0188

Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...

7.7AI score0.02313EPSS

Exploits0References5

Debian CVE•added 2005/02/06 5:0 a.m.•18 views

CVE-2004-1388

7.5CVSS7.4AI score0.74086EPSS

Exploits8

Tenable Nessus•added 2005/02/04 12:0 a.m.•17 views

ngIRCd < 0.8.3 Log_Resolver() Remote Format String Overflow

Binary data 2591.prm...

7.5CVSS7.3AI score0.1001EPSS

Exploits1References4

securityvulns•added 2005/02/04 12:0 a.m.•26 views

ngIRCd <= v0.8.2 Format String Vulnerability

------------------------------------------------- No System Group - Advisory 11 - 03/02/05 ------------------------------------------------- Program: ngIRCd Homepage: http://arthur.ath.cx/alex/ngircd/ Operating System: Linux and Unix-Compatible Vulnerable Versions: ngIRCd v0.8.2 and prior Risk:...

7.7AI score

Exploits0

securityvulns•added 2005/02/04 12:0 a.m.•23 views

ngIRCd Internet Relay Chat daemon format string bug

Format string bug in logging feature...

1.3AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by