CVE-2005-2492
- EPSS 0.45%
- Veröffentlicht 14.09.2005 19:03:00
- Zuletzt bearbeitet 16.06.2026 22:15:00
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
- EPSS 30.58%
- Veröffentlicht 06.09.2005 23:03:00
- Zuletzt bearbeitet 16.06.2026 22:15:29
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass inten...
- EPSS 2.67%
- Veröffentlicht 15.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:13:12
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function...
- EPSS 6.15%
- Veröffentlicht 19.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:44
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2005-0758
- EPSS 0.53%
- Veröffentlicht 13.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:11:42
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
CVE-2005-1513
- EPSS 10.79%
- Veröffentlicht 11.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:13:11
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
CVE-2005-1111
- EPSS 0.31%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:27
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2004-1002
- EPSS 2.7%
- Veröffentlicht 01.03.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:49
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
- EPSS 16.16%
- Veröffentlicht 10.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:51
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underfl...
- EPSS 4.18%
- Veröffentlicht 10.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:56
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters...