9110 matches found
CVE-2004-1091
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
CVE-2004-1142
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVE-2004-1175
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
CVE-2006-5873
Buffer overflow in the cluster_process_heartbeat function in cluster.c in layer 2 tunneling protocol network server (l2tpns) before 2.1.21 allows remote attackers to cause a denial of service via a large heartbeat packet.
CVE-2007-5730
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "N...
CVE-2010-2490
Mumble: murmur-server has DoS due to malformed client query
CVE-2010-3439
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.
CVE-2011-0703
In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.
CVE-2011-1444
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-2897
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
CVE-2012-2237
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Dis...
CVE-2013-3555
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2014-4911
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.
CVE-2014-6276
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
CVE-2014-9274
UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
CVE-2015-1414
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.
CVE-2015-2776
The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
CVE-2015-8473
The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.
CVE-2015-8852
Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction with multiple Content-Length headers in an HTTP ...
CVE-2016-10246
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVE-2016-10247
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVE-2016-1231
Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path.
CVE-2016-2511
Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php.
CVE-2016-3167
Open redirect vulnerability in the drupal_goto function in Drupal 6.x before 6.38, when used with PHP before 5.4.7, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a double-encoded URL in the "destination" parameter.
CVE-2017-0926
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.
CVE-2017-13756
In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls.
CVE-2017-16804
In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function in app/models/mailer.rb does not check whether an issue is visible, which allows remote authenticated users to obtain sensitive information by reading e-mail reminder messages.
CVE-2017-17843
An issue was discovered in Enigmail before 1.9.9 that allows remote attackers to trigger use of an intended public key for encryption, because incorrect regular expressions are used for extraction of an e-mail address from a comma-separated list, as demonstrated by a modified Full Name field and a ...
CVE-2017-18122
A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions is valid. Att...
CVE-2017-6309
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
CVE-2017-8808
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser sends non-standard URL escaping.
CVE-2018-1000099
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.
CVE-2018-16949
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values a...
CVE-2018-21016
audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2018-6519
The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp.
CVE-2019-13223
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
CVE-2019-14443
An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
CVE-2020-36424
An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.
CVE-2021-31866
Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController.
CVE-2021-36057
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of th...
CVE-2021-38161
Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.
CVE-2022-24301
In Minetest before 5.4.0, players can add or subtract items from a different player's inventory.
CVE-2022-28129
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
CVE-2022-28203
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query.
CVE-2001-0456
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
CVE-2001-0458
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
CVE-2004-0579
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
CVE-2004-0915
Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
CVE-2004-1027
Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.