Page 4 of 36 results (0.007 seconds)

CVSS: 2.1EPSS: 0%CPEs: 24EXPL: 1

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. • http://tigger.uic.edu/~jlongs2/holes/cups2.txt http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 http://www.redhat.com/support/errata/RHSA-2005-013.html http://www.redhat.com/support/errata/RHSA-2005-053.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18606 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398 https://usn.ubuntu.com/50-1 https://access. •

CVSS: 9.3EPSS: 6%CPEs: 4EXPL: 0

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl2.patch ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html http://marc.info/?t=110378596500001&r=1&w=2 http://secunia.com/advisories/17277 http://securitytracker.com/id?1012646 http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.gentoo.org&# • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 51EXPL: 0

NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •

CVSS: 10.0EPSS: 3%CPEs: 51EXPL: 0

Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://lists.apple.com/archives/security-announce/2004/Oct/msg00001.html http://www.securityfocus.com/bid/11322 •

CVSS: 5.0EPSS: 0%CPEs: 51EXPL: 0

ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •