Total
259176 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-40094 | 1 Google | 1 Android | 2024-02-02 | N/A | 7.8 HIGH |
In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-40095 | 1 Google | 1 Android | 2024-02-02 | N/A | 7.8 HIGH |
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2022-0545 | 2 Blender, Debian | 2 Blender, Debian Linux | 2024-02-02 | 5.1 MEDIUM | 7.8 HIGH |
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. | |||||
CVE-2021-30860 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
CVE-2005-4650 | 1 Joomla | 1 Joomla | 2024-02-02 | 5.0 MEDIUM | N/A |
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots. | |||||
CVE-2008-1700 | 1 Interwoven | 1 Worksite Web | 2024-02-02 | 7.1 HIGH | N/A |
The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive. | |||||
CVE-2009-2540 | 1 Opera | 1 Opera Browser | 2024-02-02 | 4.3 MEDIUM | N/A |
Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | |||||
CVE-2019-1010006 | 4 Canonical, Debian, Gnome and 1 more | 4 Ubuntu Linux, Debian Linux, Evince and 1 more | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. | |||||
CVE-2001-0334 | 1 Microsoft | 1 Internet Information Server | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | |||||
CVE-2001-0248 | 1 Hp | 1 Hp-ux | 2024-02-02 | 10.0 HIGH | 9.8 CRITICAL |
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | |||||
CVE-2001-0249 | 1 Sun | 2 Solaris, Sunos | 2024-02-02 | 10.0 HIGH | 9.8 CRITICAL |
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | |||||
CVE-2002-0184 | 2 Debian, Sudo Project | 2 Debian Linux, Sudo | 2024-02-02 | 7.2 HIGH | 7.8 HIGH |
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | |||||
CVE-2004-0434 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2024-02-02 | 10.0 HIGH | 9.8 CRITICAL |
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | |||||
CVE-2002-1347 | 1 Cyrus | 1 Sasl | 2024-02-02 | 7.5 HIGH | 9.8 CRITICAL |
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | |||||
CVE-2021-43537 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2024-02-02 | 6.8 MEDIUM | 8.8 HIGH |
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. | |||||
CVE-2005-0490 | 2 Curl, Libcurl | 2 Curl, Libcurl | 2024-02-02 | 5.1 MEDIUM | 8.8 HIGH |
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication. | |||||
CVE-2004-0940 | 6 Apache, Hp, Openpkg and 3 more | 6 Http Server, Hp-ux, Openpkg and 3 more | 2024-02-02 | 6.9 MEDIUM | 7.8 HIGH |
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | |||||
CVE-2020-15811 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-02-02 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches. | |||||
CVE-2016-10003 | 1 Squid-cache | 1 Squid | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. | |||||
CVE-2007-3268 | 1 Ibm | 1 Tivoli Provisioning Manager Os Deployment | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error. |