
CVSS: 5.0 EPSS: 9% CPEs: 6 EXPL: 1

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. • https://www.exploit-db.com/exploits/27993 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html http://secunia.com/advisories/20525 http://secunia.com/advisories/20591 http://secunia.com/advisories/20638 http://secunia.com/advisories/20791 http://secunia.com/advisories/21062 http://secunia.com/advisories/21135 http://secunia.com/advisories/21385 http://secunia.com/advisories/21701 http:&#x • CWE-476: NULL Pointer Dereference •

CVSS: 2.6 EPSS: 0% CPEs: 3 EXPL: 13

Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php. • https://www.exploit-db.com/exploits/27718 https://www.exploit-db.com/exploits/27717 https://www.exploit-db.com/exploits/27719 https://www.exploit-db.com/exploits/27721 https://www.exploit-db.com/exploits/27722 http://pridels0.blogspot.com/2006/04/phpldapadmin-multiple-vuln.html http://secunia.com/advisories/19747 http://secunia.com/advisories/20124 http://www.debian.org/security/2006/dsa-1057 http://www.osvdb.org/24788 http://www.osvdb.org/24789 http://www&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 1.2 EPSS: 0% CPEs: 25 EXPL: 0

snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. • http://secunia.com/advisories/19318 http://www.debian.org/security/2006/dsa-1013 http://www.securityfocus.com/bid/17182 https://exchange.xforce.ibmcloud.com/vulnerabilities/25442 •

CVSS: 5.0 EPSS: 1% CPEs: 3 EXPL: 0

Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity. • http://secunia.com/advisories/18846 http://secunia.com/advisories/19139 http://secunia.com/advisories/19658 http://securityreason.com/securityalert/737 http://svn.apache.org/viewcvs.cgi/httpd/apreq/tags/v2_07/CHANGES?rev=376998&view=markup http://www.debian.org/security/2006/dsa-1000 http://www.gentoo.org/security/en/glsa/glsa-200604-08.xml http://www.securityfocus.com/bid/16710 http://www.vupen.com/english/advisories/2006/0645 https://exchange.xforce.ibmcloud.com/vulnera •

CVSS: 5.0 EPSS: 0% CPEs: 4 EXPL: 0

The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver. • http://secunia.com/advisories/19339 http://www.debian.org/security/2006/dsa-1011 https://exchange.xforce.ibmcloud.com/vulnerabilities/25406 •