CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2006-0043
https://notcve.org/view.php?id=CVE-2006-0043
31 Jan 2006 — Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350020 •
CVSS: 9.1EPSS: 7%CPEs: 127EXPL: 1CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
31 Dec 2005 — The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 11%CPEs: 127EXPL: 1CVE-2005-3625
https://notcve.org/view.php?id=CVE-2005-3625
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 9%CPEs: 127EXPL: 1CVE-2005-3626
https://notcve.org/view.php?id=CVE-2005-3626
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 25EXPL: 0CVE-2005-4772
https://notcve.org/view.php?id=CVE-2005-4772
31 Dec 2005 — liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013. • http://www.novell.com/linux/security/advisories/2005_22_sr.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-4788
https://notcve.org/view.php?id=CVE-2005-4788
31 Dec 2005 — resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices." • http://www.novell.com/linux/security/advisories/2005_22_sr.html •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-4789
https://notcve.org/view.php?id=CVE-2005-4789
31 Dec 2005 — resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level. • http://www.novell.com/linux/security/advisories/2005_22_sr.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-4790
https://notcve.org/view.php?id=CVE-2005-4790
31 Dec 2005 — Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. • http://bugs.gentoo.org/show_bug.cgi?id=188806 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2005-3321
https://notcve.org/view.php?id=CVE-2005-3321
27 Oct 2005 — chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. • http://secunia.com/advisories/17290 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2005-3013
https://notcve.org/view.php?id=CVE-2005-3013
21 Sep 2005 — Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. • http://www.novell.com/linux/security/advisories/2005_22_sr.html •