Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SuseSuse Linux9.1

80 matches found

CVE
CVEadded 2004/10/20 4:0 a.m.56 views

CVE-2004-0688

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

7.5CVSS7.2AI score0.16028EPSS
CVE
CVEadded 2004/09/24 4:0 a.m.56 views

CVE-2004-0905

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

4.6CVSS6.8AI score0.05741EPSS
CVE
CVEadded 2005/02/17 5:0 a.m.56 views

CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

5CVSS7.5AI score0.2586EPSS
CVE
CVEadded 2006/02/11 11:2 a.m.56 views

CVE-2006-0646

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attack...

4.4CVSS7.2AI score0.00075EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.55 views

CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

7.5CVSS6.5AI score0.00949EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.55 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.

10CVSS7.3AI score0.15592EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.55 views

CVE-2004-1174

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

5CVSS6.1AI score0.01138EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.54 views

CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5CVSS6.2AI score0.06148EPSS
CVE
CVEadded 2005/01/29 5:0 a.m.54 views

CVE-2004-1184

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

4.6CVSS7.7AI score0.00943EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.53 views

CVE-2004-1071

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

7.2CVSS7.4AI score0.00052EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.53 views

CVE-2004-1090

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

5CVSS6.3AI score0.0106EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.53 views

CVE-2004-1091

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

5CVSS6.2AI score0.0106EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.53 views

CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5CVSS6.2AI score0.08831EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.53 views

CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

7.5CVSS7.2AI score0.00949EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.52 views

CVE-2004-0746

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.7AI score0.01495EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.52 views

CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5CVSS6.3AI score0.00763EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.52 views

CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary fi...

5CVSS6.8AI score0.06715EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.51 views

CVE-2004-1098

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

7.5CVSS6.5AI score0.00447EPSS
CVE
CVEadded 2005/03/04 5:0 a.m.50 views

CVE-2005-0638

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

7.5CVSS7.1AI score0.02388EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.48 views

CVE-2004-0626

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the...

5CVSS6.2AI score0.01738EPSS
CVE
CVEadded 2005/01/19 5:0 a.m.48 views

CVE-2004-0991

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.

7.5CVSS7.6AI score0.05027EPSS
CVE
CVEadded 2005/02/13 5:0 a.m.46 views

CVE-2004-1476

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

5.1CVSS7.6AI score0.02053EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.45 views

CVE-2004-1009

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

5CVSS6.2AI score0.01288EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.45 views

CVE-2004-1093

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

5CVSS6.3AI score0.0106EPSS
CVE
CVEadded 2006/04/07 10:0 a.m.45 views

CVE-2005-4772

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

6.4CVSS6.4AI score0.00279EPSS
CVE
CVEadded 2005/10/27 10:2 a.m.44 views

CVE-2005-3321

chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.

4.6CVSS6.2AI score0.00031EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.42 views

CVE-2005-0207

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

2.1CVSS6.2AI score0.00078EPSS
CVE
CVEadded 2006/01/31 2:3 a.m.41 views

CVE-2006-0043

Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.

4.6CVSS7.3AI score0.00133EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.38 views

CVE-2004-0929

Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.

10CVSS8AI score0.08155EPSS
CVE
CVEadded 2005/05/10 4:0 a.m.31 views

CVE-2004-2004

The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.

10CVSS7.1AI score0.00933EPSS
Total number of security vulnerabilities80