CVSS: 9.8EPSS: 1%CPEs: 117EXPL: 0CVE-2008-5516
https://notcve.org/view.php?id=CVE-2008-5516
20 Jan 2009 — The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search. La interfaz web en git (gitweb) versiones 1.5.x anteriores a 1.5.5, permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres de shell relacionados con git_search. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4832
https://notcve.org/view.php?id=CVE-2008-4832
17 Nov 2008 — rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. rc.sysinit en el paquete initscripts en sus versiones 8.12-8.21 y 8.56.15-0.1 de rPath permite a usuarios locales borrar archivos arbi... • http://secunia.com/advisories/32710 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 1%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
06 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •
CVSS: 10.0EPSS: 44%CPEs: 13EXPL: 3CVE-2004-0557 – SoX - '.wav' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0557
02 Aug 2004 — Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Múltiples desbordamientos de búfer en Sound eXchange (SoX) anteriores a 12.17 permite a atacantes remotos ejecutar código arbitrario mediante ciertos campos de cabecera de ficheros WAV. • https://www.exploit-db.com/exploits/374 •
CVSS: 7.8EPSS: 0%CPEs: 55EXPL: 0CVE-2004-0495
https://notcve.org/view.php?id=CVE-2004-0495
23 Jun 2004 — Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. Múltiples vulnerabilidades desconocidas en el kernel de Linux 2.4 y 2.6 permiten a usuarios locales ganar privilegios o acceder a memoria del kernel, como se ha encontrado mediante la herramienta de comprobación de código fuente "Sparse". • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 •
CVSS: 5.5EPSS: 0%CPEs: 55EXPL: 1CVE-2004-0554 – Linux Kernel 2.4.x/2.6.x - Assembler Inline Function Local Denial of Service
https://notcve.org/view.php?id=CVE-2004-0554
15 Jun 2004 — Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. El kernel de Linux 2.4.2x y 2.6.x para x86 permite a usuarios locales causar una denegación de servicio (caída del sistema), posiblemente mediante un bucle infinito que dispara un manejador de señal con una cierta secuencia de instruccion... • https://www.exploit-db.com/exploits/306 •
CVSS: 7.1EPSS: 0%CPEs: 93EXPL: 0CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
08 Jun 2004 — The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otra... • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2000-0118 – RedHat Linux 5.2 i386/6.0 - No Logging
https://notcve.org/view.php?id=CVE-2000-0118
09 Jun 1999 — The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. • https://www.exploit-db.com/exploits/19255 •
CVSS: 10.0EPSS: 16%CPEs: 10EXPL: 2CVE-1999-0002 – RedHat Linux 5.1 / Caldera OpenLinux Standard 1.2 - Mountd
https://notcve.org/view.php?id=CVE-1999-0002
12 Oct 1998 — Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. • https://www.exploit-db.com/exploits/19096 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 1CVE-1999-0042 – Linux imapd - Remote Overflow / File Retrieve
https://notcve.org/view.php?id=CVE-1999-0042
07 Apr 1997 — Buffer overflow in University of Washington's implementation of IMAP and POP servers. • https://www.exploit-db.com/exploits/340 •