- EPSS 2.57%
- Veröffentlicht 12.01.2008 02:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:44
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
CVE-2007-0454
- EPSS 6.41%
- Veröffentlicht 06.02.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:36
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during...
- EPSS 3.41%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:17
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
- EPSS 3.86%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:16
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...
- EPSS 2.3%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:16
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...
- EPSS 2.51%
- Veröffentlicht 26.07.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:46
nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote at...
CVE-2005-0206
- EPSS 2.99%
- Veröffentlicht 27.04.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:41
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-0085
- EPSS 2.27%
- Veröffentlicht 27.04.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:28
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
CVE-2005-0020
- EPSS 0.51%
- Veröffentlicht 14.04.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:22
Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
CVE-2005-0003
- EPSS 0.51%
- Veröffentlicht 14.04.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:20
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbit...