Page 4 of 40 results (0.016 seconds)

CVSS: 5.0EPSS: 9%CPEs: 6EXPL: 1

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. • https://www.exploit-db.com/exploits/27993 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html http://secunia.com/advisories/20525 http://secunia.com/advisories/20591 http://secunia.com/advisories/20638 http://secunia.com/advisories/20791 http://secunia.com/advisories/21062 http://secunia.com/advisories/21135 http://secunia.com/advisories/21385 http://secunia.com/advisories/21701 http:&#x • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 0

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer." • http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5 http://secunia.com/advisories/20716 http://secunia.com/advisories/21465 http://secunia.com/advisories/22417 http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.redhat.com/support/errata/RHSA-2006-0575.html http://www.securityfocus.com/bid/17955 http://www.trustix.org/errata/2006/0026 http://www.ubuntu.com/usn/usn-302-1 https:/&#x • CWE-667: Improper Locking •

CVSS: 4.3EPSS: 4%CPEs: 7EXPL: 0

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://secunia.com/advisories/19696 http://secunia.com/advisories/19714 http://secunia.com/advisories/19721 http://secunia.com/advisories/19729 http://secunia.com/advisories/19746 http:&#x • CWE-20: Improper Input Validation •

CVSS: 7.6EPSS: 6%CPEs: 9EXPL: 0

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview". • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://secunia.com/advisories/19696 http://secunia.com/advisories/19714 http://secunia.com/advisories/19721 http://secunia.com/advisories/19729 http://secunia.com/advisories/19746 http:&#x •

CVSS: 9.3EPSS: 26%CPEs: 9EXPL: 0

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://secunia.com/advisories/19696 http://secunia.com/advisories/19714 http://secunia.com/advisories/19721 http://secunia.com/advisories/19729 http://secunia.com/advisories/19746 http:&#x •