Openpkg@2.1 Security Vulnerabilities and Issues — Openpkg@2.1 CVE List

Lucene search

OpenpkgOpenpkg2.1

9 matches found

CVE•added 2005/02/09 5:0 a.m.•130 views

CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

7.8CVSS8AI score0.05696EPSS

CVE•added 2005/01/10 5:0 a.m.•109 views

CVE-2004-1019

The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" re...

10CVSS9.7AI score0.08105EPSS

CVE•added 2004/10/20 4:0 a.m.•79 views

CVE-2004-0772

Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.

9.8CVSS9.9AI score0.21769EPSS

CVE•added 2004/07/27 4:0 a.m.•75 views

CVE-2004-0594

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a Ha...

5.1CVSS7.4AI score0.78001EPSS

CVE•added 2005/03/01 5:0 a.m.•70 views

CVE-2004-0990

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPng...

10CVSS7.9AI score0.34839EPSS

CVE•added 2005/02/09 5:0 a.m.•66 views

CVE-2004-0957

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

6.8CVSS5.9AI score0.00386EPSS

CVE•added 2005/01/27 5:0 a.m.•64 views

CVE-2004-0918

The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.

5CVSS6.2AI score0.68742EPSS

CVE•added 2005/02/13 5:0 a.m.•64 views

CVE-2005-0373

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

7.5CVSS7.4AI score0.04758EPSS

CVE•added 2005/01/10 5:0 a.m.•59 views

CVE-2004-1065

Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.

10CVSS7.5AI score0.06905EPSS