Lucene search

K

139 matches found

CVE
CVE
added 2006/09/27 11:7 p.m.4162 views

CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

9.3CVSS8.4AI score0.01458EPSS
CVE
CVE
added 2014/04/15 10:55 a.m.828 views

CVE-2013-5704

The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."

5CVSS5.7AI score0.8475EPSS
CVE
CVE
added 2010/11/05 5:0 p.m.355 views

CVE-2010-2941

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

9.8CVSS9.6AI score0.27685EPSS
CVE
CVE
added 2008/05/05 5:20 p.m.260 views

CVE-2008-0599

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

10CVSS9.6AI score0.51567EPSS
CVE
CVE
added 2012/02/16 8:55 p.m.227 views

CVE-2011-3026

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

6.8CVSS9.1AI score0.34687EPSS
CVE
CVE
added 2012/10/03 9:55 p.m.159 views

CVE-2012-3489

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that...

6.5CVSS6.1AI score0.01036EPSS
CVE
CVE
added 2010/06/30 6:30 p.m.140 views

CVE-2010-1205

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

9.8CVSS9.9AI score0.17033EPSS
CVE
CVE
added 2012/05/11 3:49 a.m.125 views

CVE-2012-0659

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

6.8CVSS8.5AI score0.01774EPSS
CVE
CVE
added 2009/08/11 6:30 p.m.113 views

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Cod...

6.5CVSS6.7AI score0.00296EPSS
CVE
CVE
added 2009/06/09 5:30 p.m.111 views

CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED ta...

7.5CVSS7AI score0.15376EPSS
CVE
CVE
added 2006/09/06 12:4 a.m.107 views

CVE-2006-4095

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

7.5CVSS7.4AI score0.09412EPSS
CVE
CVE
added 2008/11/21 2:30 a.m.99 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.

7.5CVSS7.3AI score0.01973EPSS
CVE
CVE
added 2009/04/17 12:30 a.m.89 views

CVE-2009-0946

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

7.5CVSS8.8AI score0.11816EPSS
CVE
CVE
added 2009/07/10 3:30 p.m.88 views

CVE-2009-2422

The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentica...

9.8CVSS9.4AI score0.00403EPSS
CVE
CVE
added 2007/07/16 10:30 p.m.85 views

CVE-2007-3798

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

9.8CVSS9.8AI score0.74399EPSS
CVE
CVE
added 2010/03/05 7:30 p.m.83 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client ...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2016/03/24 1:59 a.m.80 views

CVE-2016-1776

Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request.

5.3CVSS4.7AI score0.00283EPSS
CVE
CVE
added 2010/07/28 12:48 p.m.72 views

CVE-2010-0211

The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing i...

9.8CVSS8.8AI score0.42633EPSS
CVE
CVE
added 2009/11/10 7:30 p.m.71 views

CVE-2009-2820

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related ...

4.3CVSS6.8AI score0.01726EPSS
CVE
CVE
added 2010/06/22 5:30 p.m.71 views

CVE-2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

6.5CVSS5.9AI score0.00128EPSS
CVE
CVE
added 2009/11/20 2:30 a.m.69 views

CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listin...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2016/03/24 1:59 a.m.66 views

CVE-2016-1777

Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

7.5CVSS6.3AI score0.00401EPSS
CVE
CVE
added 2007/02/16 7:28 p.m.65 views

CVE-2007-0897

Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return ...

7.5CVSS7.3AI score0.05072EPSS
CVE
CVE
added 2009/11/10 7:30 p.m.65 views

CVE-2009-2825

Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legiti...

4.3CVSS5.6AI score0.01808EPSS
CVE
CVE
added 2010/03/30 6:30 p.m.64 views

CVE-2010-0508

Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors.

10CVSS8.6AI score0.00352EPSS
CVE
CVE
added 2010/03/30 5:30 p.m.64 views

CVE-2010-0533

Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors.

7.5CVSS8.3AI score0.00241EPSS
CVE
CVE
added 2009/11/10 7:30 p.m.63 views

CVE-2009-2823

The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.

4.3CVSS5.9AI score0.0032EPSS
CVE
CVE
added 2011/03/23 2:0 a.m.61 views

CVE-2011-0173

Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an Appl...

6.8CVSS6.8AI score0.00659EPSS
CVE
CVE
added 2005/07/18 4:0 a.m.60 views

CVE-2005-1689

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.

9.8CVSS9.7AI score0.55203EPSS
CVE
CVE
added 2008/03/19 10:44 a.m.60 views

CVE-2008-0063

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."

7.5CVSS8.6AI score0.04745EPSS
CVE
CVE
added 2011/03/23 2:0 a.m.58 views

CVE-2011-0182

The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.

7.2CVSS5.5AI score0.0039EPSS
CVE
CVE
added 2011/03/23 2:0 a.m.57 views

CVE-2011-0175

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font.

6.8CVSS6.4AI score0.01577EPSS
CVE
CVE
added 2011/03/23 2:0 a.m.57 views

CVE-2011-0178

The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory.

2.1CVSS5.2AI score0.00049EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.56 views

CVE-2011-3220

QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

4.3CVSS7.3AI score0.00735EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.56 views

CVE-2011-3222

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

6.8CVSS8.6AI score0.02208EPSS
CVE
CVE
added 2012/09/20 9:55 p.m.56 views

CVE-2012-3722

The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

6.8CVSS7.5AI score0.02122EPSS
CVE
CVE
added 2011/06/21 2:52 a.m.55 views

CVE-2011-1755

jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

7.5CVSS6.9AI score0.08459EPSS
CVE
CVE
added 2004/07/07 4:0 a.m.54 views

CVE-2004-0430

Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than ...

5.1CVSS8.1AI score0.80742EPSS
CVE
CVE
added 2009/05/13 3:30 p.m.54 views

CVE-2009-0152

iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network.

7.5CVSS6.5AI score0.00628EPSS
CVE
CVE
added 2010/03/30 6:30 p.m.54 views

CVE-2010-0513

Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScript document.

6.8CVSS9.3AI score0.01901EPSS
CVE
CVE
added 2011/03/11 5:55 p.m.53 views

CVE-2011-1417

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a c...

6.8CVSS6.3AI score0.04317EPSS
CVE
CVE
added 2008/12/17 1:30 a.m.52 views

CVE-2008-4218

Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt.

7.2CVSS5.9AI score0.00054EPSS
CVE
CVE
added 2010/01/20 4:30 p.m.52 views

CVE-2010-0037

Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.

9.3CVSS7.8AI score0.04726EPSS
CVE
CVE
added 2010/03/30 6:30 p.m.52 views

CVE-2010-0063

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as ...

6.8CVSS8.9AI score0.00345EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.52 views

CVE-2011-0185

Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.

4.4CVSS7.6AI score0.00059EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.52 views

CVE-2011-3215

The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.

2.1CVSS7.8AI score0.00068EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.52 views

CVE-2011-3218

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported...

2.6CVSS7.2AI score0.00662EPSS
CVE
CVE
added 2013/06/05 2:39 p.m.52 views

CVE-2013-0984

Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.

9.3CVSS7.5AI score0.09856EPSS
CVE
CVE
added 2009/11/10 7:30 p.m.51 views

CVE-2009-2808

Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response.

5.4CVSS7.1AI score0.00092EPSS
CVE
CVE
added 2002/12/18 5:0 a.m.50 views

CVE-2002-1347

Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) ...

9.8CVSS9.9AI score0.09976EPSS
Total number of security vulnerabilities139