CVSS: 9.8EPSS: 26%CPEs: 27EXPL: 1CVE-2010-1159 – Aircrack-NG Tools svn r1675 - Remote Heap Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2010-1159
07 Oct 2013 — Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet. Múltiples desbordamientos de buffer basados en memoria dinámica en Aircrack-ng anteriores a 1.1 permiten a atacantes remotos causar denegación de servicio (caída) y ejecutar código arbitrario a través de (1) un valor grande en un paquete EAPOL o (2) un paquete EAPOL grande. A buffer over... • https://www.exploit-db.com/exploits/12217 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 33EXPL: 0CVE-2009-1144 – Gentoo Linux Security Advisory 200904-7
https://notcve.org/view.php?id=CVE-2009-1144
07 Apr 2009 — Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library. Vulnerabilidad de ruta de búsqueda no confiable en el paquete Gentoo de Xpdf anteriores a v3.02-r2, permite a usuarios locales obtener privilegios a través de un troyano (fichero xpdfrc) en el directorio de trabajo actual, relativo... • http://bugs.gentoo.org/show_bug.cgi?id=200023 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 6%CPEs: 23EXPL: 2CVE-2007-1049 – WordPress Core < 2.09 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1049
21 Feb 2007 — Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and possibly other vectors involving the action variable. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función wp_explain_nonce de la funcionalidad nonce AYS (wp-includes/functions.php) p... • https://www.exploit-db.com/exploits/29598 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 2CVE-2006-1390
https://notcve.org/view.php?id=CVE-2006-1390
25 Mar 2006 — The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks. • http://bugs.gentoo.org/show_bug.cgi?id=122376 •
CVSS: 8.8EPSS: 3%CPEs: 57EXPL: 1CVE-2005-0005 – iDEFENSE Security Advisory 2005-01-17.t
https://notcve.org/view.php?id=CVE-2005-0005
18 Jan 2005 — Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. Versions 6.1.7 and below are affected. • http://marc.info/?l=bugtraq&m=110608222117215&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-1452
https://notcve.org/view.php?id=CVE-2004-1452
31 Dec 2004 — Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. • http://secunia.com/advisories/12296 •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2004-0749
https://notcve.org/view.php?id=CVE-2004-0749
19 Nov 2004 — The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. El módulo mod_authz_svn en Subversion 1.0.7 y anteriores no restringe adecuadamente el acceso a todos los metadatos en rutas ilegibles, lo que podría permitir a atacantes remotos ganar información sensible mediante (1) svn l... • http://fedoranews.org/updates/FEDORA-2004-318.shtml •
CVSS: 9.8EPSS: 1%CPEs: 28EXPL: 0CVE-2004-0232
https://notcve.org/view.php?id=CVE-2004-0232
05 May 2004 — Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. Mútiples vulnerabilidades de cadena de formato en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegación de servicio o ejecutar código de su elección. • http://security.gentoo.org/glsa/glsa-200405-21.xml •
CVSS: 10.0EPSS: 1%CPEs: 28EXPL: 0CVE-2004-0226
https://notcve.org/view.php?id=CVE-2004-0226
05 May 2004 — Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. Múltiples desbordamientos de búfer en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario. • http://security.gentoo.org/glsa/glsa-200405-21.xml •
CVSS: 9.8EPSS: 0%CPEs: 28EXPL: 0CVE-2004-0231
https://notcve.org/view.php?id=CVE-2004-0231
05 May 2004 — Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." Múltiples vulnerabilidades en Midnight Commander (mc) anteriores a 4.6.0, con impacto desconocido, relacionadas con "creación insegura de ficheros y directorios temporales." • http://security.gentoo.org/glsa/glsa-200405-21.xml •