Lucene search
K

4316 matches found

CVE
CVE
added 2005/09/30 4:0 a.m.54 views

CVE-2005-3060

CVE-2005-3060 affects IBM AIX getconf in AIX 5.2–5.3, due to a buffer overflow in the getconf utility. Exploitation would be local (authenticated) and may allow arbitrary code execution on the affected host. The CERT/IBM documentation identifies IBM as vendor and points to updates (IY73814, IY738...

7.2CVSS7.3AI score0.00523EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 2005/09/28 2:17 p.m.4 views

Buffer overflow in moxa driver

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver moxa.c in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value...

4.6CVSS6.2AI score0.00576EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/08/24 4:0 a.m.25 views

CVE-2005-1843

VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument...

7.3AI score0.01224EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/08/16 4:0 a.m.15 views

CVE-2004-2372

Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path. NOTE: some external documents recommend that Bochs be installed...

7.4AI score0.00705EPSS
Exploits1References4
CVE
CVE
added 2005/08/05 4:0 a.m.48 views

CVE-2002-2089

CVE-2002-2089 is a vulnerability in Solaris 9.0 where the rcp component suffers a buffer overflow, exploitable by a local user via a long command line argument, potentially allowing arbitrary code execution. The description across sources consistently identifies a local-privilege impact with the ...

4.6CVSS7.9AI score0.00437EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2005/08/05 4:0 a.m.24 views

CVE-2004-2300

Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this...

7.2CVSS7.4AI score0.00648EPSS
Exploits1
CVE
CVE
added 2005/07/14 4:0 a.m.47 views

CVE-2002-2041

CVE-2002-2041 affects RTOS 6.1.0 due to multiple buffer overflows that let a local attacker execute arbitrary code. Exploitation vectors are (1) a long ABLANG environment variable in phlocale and (2) a long -u option to pkg-installer. CVSSv2 base score is 7.2 (HIGH); impact is complete confidenti...

7.2CVSS7.8AI score0.01237EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/07/14 4:0 a.m.19 views

CVE-2001-1553

Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options 1 socksserver, 2 socksuser, and 3 sockspasswd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be...

7.6AI score0.00403EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2005/07/14 4:0 a.m.22 views

CVE-2002-2016

User-mode Linux UML 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code...

7.2CVSS5.9AI score0.01144EPSS
Exploits1
CVE
CVE
added 2005/06/28 4:0 a.m.64 views

CVE-2002-1980

The CVE-2002-1980 entry concerns a buffer overflow in Sun Solaris volumes-d vold (Volume Manager daemon) affecting Solaris 2.5.1 through 8. The underlying flaw is a buffer overflow in vold that allows local users to execute arbitrary code. Affected component: vold; affected platforms: Solaris 2.5...

7.2CVSS7.8AI score0.00474EPSS
Exploits0References3Affected Software2
RedHat Linux
RedHat Linux
added 2005/05/25 4:42 p.m.6 views

security flaw

The elfcoredump function in binfmtelf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the createelftables function, causes a negative length argument to pass ...

7.2CVSS7AI score0.01774EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/05/19 4:0 a.m.23 views

CVE-2003-1208

Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by 1 setting the TIMEZONE session parameter to a long value, or providing long parameters to the 2 NUMTOYMINTERVAL, 3 NUMTODSINTERVAL or 4 FROMTZ functions...

7.1AI score0.13193EPSS
Exploits1References17
Gentoo Linux
Gentoo Linux
added 2005/05/19 12:0 a.m.13 views

Cheetah: Untrusted module search path

Background Cheetah is a Python powered template engine and code generator. Description Brian Bird discovered that Cheetah searches for modules in the world-writable /tmp directory. Impact A malicious local user could place a module containing arbitrary code in /tmp, which when imported would run...

2.7AI score
Exploits0
Cvelist
Cvelist
added 2005/05/17 4:0 a.m.16 views

CVE-2005-1632

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

7.2AI score0.00433EPSS
Exploits0References3
OSV
OSV
added 2005/05/17 4:0 a.m.3 views

DEBIAN-CVE-2005-1632

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

7.2CVSS7.4AI score0.00433EPSS
Exploits0References1
CVE
CVE
added 2005/05/10 4:0 a.m.57 views

CVE-2004-2013

The CVE-2004-2013 vulnerability affects Linux kernels 2.4.25 and earlier, caused by an integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c. An optlen value of -1 allows kmalloc to allocate 0 bytes, enabling a local attacker to potentially execute arbitrary code. Documen...

7.8CVSS7.9AI score0.00617EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2005/05/04 4:0 a.m.76 views

CVE-2005-0594

The CVE-2005-0594 issue is a local buffer overflow in Apple Mac OS X Server’s NeST (NetInfo Setup Tool) triggered by an overly long -target command-line argument. The flaw allows a local user to execute arbitrary code with the NeST process’s privileges (typically root). Apple addressed this with ...

7.2CVSS7.2AI score0.00902EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2005/05/02 4:0 a.m.3 views

DEBIAN-CVE-2005-0073

Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code...

4.6CVSS7.1AI score0.00481EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2005/04/26 4:31 p.m.3 views

security flaw

Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument...

4.6CVSS6.4AI score0.00649EPSS
Exploits1References4
OSV
OSV
added 2005/04/14 4:0 a.m.2 views

DEBIAN-CVE-2005-0016

Buffer overflow in the exporteddisplay function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code...

7.2CVSS7.5AI score0.00494EPSS
Exploits0References1
Rows per page
Query Builder