CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6294
https://notcve.org/view.php?id=CVE-2020-6294
12 Aug 2020 — Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity. Xvfb de SAP Business Objects Business Intelligence Platform, versiones - 4.2, 4.3, una plataforma en Unix no lleva a cabo ninguna comprobación de autenticación para las funcionalidades que requieren la identidad del usuario • https://launchpad.support.sap.com/#/notes/2927956 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-4606
https://notcve.org/view.php?id=CVE-2019-4606
12 Dec 2019 — IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using a executable file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 168298. La carga de IBM DB2 High Performance Unload para LUW versiones 6.1 y 6.5, podría permitir a un atacante local ejecutar código arbitrario en el sistema, causado por una vulnerabilidad de ruta de bús... • https://exchange.xforce.ibmcloud.com/vulnerabilities/168298 • CWE-426: Untrusted Search Path •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 0CVE-2019-4523
https://notcve.org/view.php?id=CVE-2019-4523
22 Oct 2019 — IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481. Una carga de IBM DB2 High Performance Unload para LUW versiones 6.1 y 6.5, es vulnerable a un desbordamiento del búfer, causado por una comprobación de límites inapropiada que podría permitir a un atacante local ejecutar código arbitrario en el sistema con privil... • https://exchange.xforce.ibmcloud.com/vulnerabilities/165481 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.3EPSS: 1%CPEs: 2EXPL: 0CVE-2019-15162 – Apple Security Advisory 2019-12-10-3
https://notcve.org/view.php?id=CVE-2019-15162
03 Oct 2019 — rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. El archivo rpcapd/daemon.c en libpcap versiones anteriores a 1.9.1, en plataformas diferentes de Windows proporciona detalles sobre por qué falló la autenticación, lo que podría hacer más fácil para que atacantes enumeren nombres de usuario válidos. macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 201... • http://seclists.org/fulldisclosure/2019/Dec/26 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2019-9895 – Debian Security Advisory 4423-1
https://notcve.org/view.php?id=CVE-2019-9895
21 Mar 2019 — In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. En PuTTY, en versiones anteriores a la 0.71 en Unix, existe un desbordamiento de búfer desencadenable remotamente en cualquier tipo de redirección servidor-a-cliente. Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially b... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-6184
https://notcve.org/view.php?id=CVE-2014-6184
22 Feb 2015 — Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. Desbordamiento de buffer basado en pila en dsmtca en el cliente en IBM Tivoli Storage Manager (TSM) 5.4 hasta 5.4.3.6, 5.5 hasta 5.5.4.3, 6.1 hasta 6.1.5.6, 6.2 anterior a 6.2.5.4, y 6.3 anterior a 6.3.2.3 en UNIX, Linux, y OS X p... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT05707 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 22%CPEs: 3EXPL: 0CVE-2014-2648 – HP Security Bulletin HPSBMU03127
https://notcve.org/view.php?id=CVE-2014-2648
09 Oct 2014 — Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Operations Manager 9.10 y 9.11 en UNIX permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. A potential security vulnerability has been identified with HP Operations Manager for UNIX. The vulnerability can be exploited remotely to execute arbitrary code. Revision 1 of this advisory. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866 •
CVSS: 9.8EPSS: 5%CPEs: 13EXPL: 0CVE-2011-4374 – acroread: multiple code execution flaws (APSB11-24)
https://notcve.org/view.php?id=CVE-2011-4374
19 Jan 2012 — Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Reader v9.x antes de v9.4.6 en Linux permite a los atacantes ejecutar código de su elección a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb11-24.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 93%CPEs: 6EXPL: 1CVE-2011-2462 – Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2011-2462
07 Dec 2011 — Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. Vulnerabilidad no especificada en el componente de U3D en Adobe Reader y Acrobat v10.1.1 y versiones anteriores para Windows y Mac OS X, y Adobe Reader v9.x hasta v9.4.6 en UNIX, permite... • https://www.exploit-db.com/exploits/18366 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2007-5616
https://notcve.org/view.php?id=CVE-2007-5616
09 Jan 2008 — ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors. ssh-signer en SSH Tectia Client y Server 5.x anterior a 5.2.4, y 5.3.x anterior a 5.3.6, sobre Unix y Linux permite a usuarios locales ganar privilegios a través de vectores no especificados. • http://secunia.com/advisories/28247 •