3385 matches found
CAN-2005-2971
CVE-2005-2971 affects the RTF importer in KWord/KOffice (KDE Office). The connected OpenVAS/Nessus entries confirm a buffer overflow that can lead to arbitrary code execution. Advisories across distributions document the issue and release patches or updates (e.g., Debian DSA-872-1; Gentoo GLSA 20...
CAN-2005-2963
CVE-2005-2963 affects the mod_auth_shadow Apache module (versions 1.0–2.0) where AuthShadow-enabled configurations cause shadow authentication to apply to all locations using the require group directive, potentially bypassing other access controls. Public disclosures in Debian (DSA-844-1), SUSE/O...
CAN-2005-3150
CVE-2005-3150 affects the weex FTP client. A format string vulnerability could allow remote code execution. Debian/Gentoo advisories note fixes: weex 2.6.1-6sarge1 (and 2.6.1-4woody2 for woody). Upgrading to the patched package is recommended; old versions are vulnerable. The issue is a remote v...
CAN-2005-1279
The CAN-2005-1279 entry corresponds to tcpdump vulnerabilities in the BGP dissector (RT_ROUTING_INFO handling) that can cause a denial of service via an infinite loop when processing crafted packets. Public advisories and patches exist across multiple distributions: Debian DSA-850-1/DSA-850 fix t...
CAN-2005-1267
CVE-2005-1267 affects tcpdump (BGP dissector). The vulnerability arises when tcpdump’s bgp_update_print decodes a BGP packet and mishandles a -1 return value from decode_prefix4, allowing remote attackers to trigger an infinite loop and cause a denial of service. This issue has been addressed in ...
CAN-2005-3178
CVE-2005-3178 describes a buffer overflow in XLI/Xloadimage caused by a fixed-length buffer used to store NIFF/XPM image titles during image processing. An attacker could craft a malicious NIFF/XPM image to overflow this buffer, potentially enabling arbitrary code execution with the user’s privil...
CAN-2005-3069
CVE-2005-3069 concerns HylaFax: several scripts (faxcron, recvstats, xferfaxstats) may create insecure temporary files/directories, enabling local users to exploit symlinks. Debian and Gentoo advisories assign this as a local vulnerability in HylaFax 4.x classic releases, with fixed packages prov...
CAN-2005-2967
CVE-2005-2967 is a format-string vulnerability in the CDDB processing component of the xine-lib library. Across multiple distributions (Debian, Ubuntu, Gentoo, Mandrake/Mandriva, FreeBSD ports, etc.), advisories describe that an attacker can cause arbitrary code execution by pointing a vulnerable...
CAN-2005-2337
CVE-2005-2337 is a Ruby vulnerability involving bypass of the language’s safe level checks, potentially allowing an attacker to execute arbitrary code. The JVNDB entry describes bypassing safe level to run arbitrary scripts, implying code execution beyond safety restrictions. Ubuntu advisories US...
CAN-2005-3121
CVE-2005-3121 affects the module-assistant tool; a rule file before 0.9.10 creates a temporary file insecurely, allowing local users to perform unauthorized operations. Debian notes that the issue is fixed in 0.9.10 (DSA-867-1) and provides upgrade guidance. Open questions remain about real-world exploitation deta...
CVE-2103-2929
CVE-2013-2929 is a Linux kernel flaw in the get_dumpable() function of the ptrace subsystem that could lead to information disclosure on systems where fs.suid_dumpable is set non-default. Debian lists this CVE among many in DSA-2906-1 and notes a fixed package for oldstable (2.6.32-48squeeze5). A...
CVE-2023-21723
Technical details are not publicly available in the provided documents; no affected products, impact, or remediation are specified. Monitor for updates.
CVE-2011-2390
In CVE-2011-2390, Ubuntu describes a misconfiguration in the kdump/mkdumprd OpenSSH integration where the default StrictHostKeyChecking is set to no. This enables a remote attacker controlling a malicious kdump server to impersonate the legitimate server and access security-sensitive information ...
CVE-2013-3109
The connected OSV entry for UBUNTU-CVE-2013-3109 lists a vulnerability described as “SSL vaildation failed to validate hostnames.” The UB:CVE-2013-3109 Ubuntu entry also shows this description. No concrete affected product/version details, root-cause analysis, impact assessment, exploit status, o...
CVE-2014-3839
CVE-2014-3839 is described in the connected ownCloud advisories as a deserialization of untrusted data in the core that could allow an attacker to delete arbitrary files or execute arbitrary SQL queries. The affected product is ownCloud Server
CVE-2015-8159
Technical details for CVE-2015-8159 are not publicly available in the provided documents. Monitor for updates.
CVE-2015-3413
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2015-3413 from Ubuntu/OSV references.
CVE-2015-4663
Technical details are not publicly available in the provided documents. Monitor for updates from Ubuntu or OSV entries for CVE-2015-4663.
CVE-2020-17582
Technical details for CVE-2020-17582 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation information can be stated from the supplied data.
CVE-2023-40325
CVE-2023-40325 is connected to multiple Moodle vulnerabilities reported by Nessus plugins. The affected self‑reported Moodle ranges are: < 3.9.23, < 3.11.16 for 3.11.x, < 4.0.10 for 4.0.x, < 4.1.5 for 4.1.x, and