CVE-2007-1352

all versions

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute

CVE-2005-3626

all versions

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause

CVE-2005-3625

all versions

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause

CVE-2005-3624

all versions

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and

CVE-2005-0988

all versions

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of a

CVE-2004-1176

all versions

Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and

CVE-2004-1175

all versions

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using

CVE-2004-1174

all versions

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existi

CVE-2004-1093

all versions

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

CVE-2004-1092

all versions

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated

CVE-2004-1091

all versions

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

CVE-2004-1090

all versions

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

CVE-2004-1009

all versions

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack

CVE-2004-1005

all versions

Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

CVE-2004-1004

all versions

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown imp

CVE-2004-1073

all versions

The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows loca

CVE-2004-1072

all versions

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name str

CVE-2004-1071

all versions

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed

CVE-2004-1070

all versions

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, do

CVE-2004-0817

all versions

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted

CVE-2004-0802

all versions

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted

CVE-2004-1377

all versions

The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitra

CVE-2004-0827

all versions

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to

CVE-2004-0809

all versions

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a c

CVE-2003-0694

all versions

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstr

CVE-2003-0681

all versions

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final

CVE-2003-0370

all versions

Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allo

CVE-2001-0169

<= 6.0.5

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /

CVE-2000-0844

all versions

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows loc

CVE-2000-0438

all versions

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long moun

CVE-2000-0336

all versions

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

CVE-2000-0172

all versions

The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges

CVE-2000-0196

all versions

Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an em

CVE-2000-0186

all versions

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command li

CVE-2000-0170

all versions

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.

CVE-2000-0052

all versions

Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

CVE-1999-0949

all versions

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

CVE-1999-0948

all versions

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

CVE-1999-1288

all versions

Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the