Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-09-20
Updated
2017-10-10
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
Max CVSS
7.5
EPSS Score
19.61%
Published
2001-09-20
Updated
2017-10-10
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
Max CVSS
4.6
EPSS Score
0.09%
Published
2001-12-21
Updated
2018-05-03
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.
Max CVSS
7.2
EPSS Score
0.12%
Published
2001-10-25
Updated
2017-12-19
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-07-19
Updated
2008-09-05
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
1.08%
Published
2002-01-31
Updated
2017-10-10
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-02-27
Updated
2017-10-10
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
Max CVSS
7.5
EPSS Score
43.97%
Published
2002-03-08
Updated
2016-10-18
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.
Max CVSS
7.2
EPSS Score
0.08%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-06-16
Updated
2018-10-30
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
Max CVSS
4.6
EPSS Score
0.15%
Published
2002-12-31
Updated
2008-09-05
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
Max CVSS
10.0
EPSS Score
0.85%
Published
2003-02-19
Updated
2024-02-02
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
Max CVSS
10.0
EPSS Score
79.54%
Published
2003-08-27
Updated
2024-02-08
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
56.31%
Published
2003-10-20
Updated
2018-05-03
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
Max CVSS
7.5
EPSS Score
0.32%
Published
2003-10-20
Updated
2008-09-10
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
Max CVSS
7.5
EPSS Score
37.92%
Published
2003-12-15
Updated
2018-05-03
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
92.58%
Published
2004-03-03
Updated
2017-07-11
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
19.69%
Published
2004-03-03
Updated
2017-07-11
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
Max CVSS
10.0
EPSS Score
93.42%
Published
2004-08-18
Updated
2017-10-11
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
Max CVSS
10.0
EPSS Score
93.49%
Published
2004-08-06
Updated
2017-07-11
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
Max CVSS
10.0
EPSS Score
2.46%
Published
2004-08-06
Updated
2017-07-11
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
Max CVSS
7.5
EPSS Score
57.48%
Published
2004-07-07
Updated
2022-09-23
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
Max CVSS
10.0
EPSS Score
26.84%
Published
2004-08-06
Updated
2017-10-11
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
Max CVSS
7.2
EPSS Score
0.06%
Published
2004-12-06
Updated
2017-10-11
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
21.40%
Published
2004-09-28
Updated
2024-02-02
538 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!