CVSS: 8.8EPSS: 16%CPEs: 23EXPL: 0CVE-2004-0688 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0688
24 Sep 2004 — Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. Múltiples desbordamientos de búfer en xpmParseColors en parse.c de libXpm anteriores a 6.8.1 permite a atacantes remotos ejecutar código arbitrario mediante un fichero de imagen XPM malformado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924 •
CVSS: 9.8EPSS: 19%CPEs: 23EXPL: 1CVE-2004-0687 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0687
24 Sep 2004 — Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. Múltiples desbordamientos de búfer basados en la pila en (1) xpmParseColors en parse.c, (2) ParseAndPutPixels en create.c, y (3) ParsePixels en parse.c de libXpm anteriores a 6.8.1 permite a atacantes remotos ejecutar código de su elección mediante una imagen XPM malfo... • https://packetstorm.news/files/id/170620 •
CVSS: 9.1EPSS: 2%CPEs: 3EXPL: 0CVE-2004-0419
https://notcve.org/view.php?id=CVE-2004-0419
03 Jun 2004 — XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. XDM en XFree86 abre una un socket TCP chooserFd incluso cuando DisplayManger.requestPort es 0, lo que podría permitir a atacantes remotos conectar al puerto, violando las restricciones pretendidas. • http://bugs.xfree86.org/show_bug.cgi?id=1376 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1920
https://notcve.org/view.php?id=CVE-2004-1920
10 Apr 2004 — X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, which could allow remote attackers to gain access. • http://marc.info/?l=bugtraq&m=108162529229947&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 1CVE-2004-1921
https://notcve.org/view.php?id=CVE-2004-1921
10 Apr 2004 — X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attackers to gain access. • http://marc.info/?l=bugtraq&m=108213608111111&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2003-1155
https://notcve.org/view.php?id=CVE-2003-1155
31 Dec 2003 — X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. • http://secunia.com/advisories/10162 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2002-0916
https://notcve.org/view.php?id=CVE-2002-0916
04 Oct 2002 — Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0087.html •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0965
https://notcve.org/view.php?id=CVE-1999-0965
19 Sep 1997 — Race condition in xterm allows local users to modify arbitrary files via the logging option. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0965 •
CVSS: 10.0EPSS: 75%CPEs: 1EXPL: 1CVE-1999-0526 – X11 No-Auth Scanner
https://notcve.org/view.php?id=CVE-1999-0526
01 Jul 1997 — An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server. • https://packetstorm.news/files/id/180970 •