CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2018-9336 – Slackware Security Advisory - openvpn Updates
https://notcve.org/view.php?id=CVE-2018-9336
27 Apr 2018 — openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation. openvpnserv.exe (también conocido como interactive service helper) en OpenVPN en versiones 2.4.x anteriores a la 2.4.6 permite que un atacante local provoque una doble liberaci... • http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761 • CWE-415: Double Free •
CVSS: 7.8EPSS: 79%CPEs: 109EXPL: 0CVE-2013-4854 – ISC BIND rdata Denial Of Service Vulnerability
https://notcve.org/view.php?id=CVE-2013-4854
26 Jul 2013 — The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. La implementación RFC en rdata.c en ISC BIND 9.7.x y 9.8.x anterior a 9.8.5-P2, ... • http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html •
CVSS: 9.8EPSS: 1%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
06 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •
CVSS: 7.8EPSS: 4%CPEs: 21EXPL: 3CVE-2004-0940 – Apache 1.3.31 mod_include - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0940
26 Oct 2004 — Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. • https://www.exploit-db.com/exploits/587 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 10.0EPSS: 5%CPEs: 42EXPL: 0CVE-2004-0891
https://notcve.org/view.php?id=CVE-2004-0891
21 Oct 2004 — Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. • http://gaim.sourceforge.net/security/?id=9 •
CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0CVE-2004-0880
https://notcve.org/view.php?id=CVE-2004-0880
24 Sep 2004 — getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. • http://marc.info/?l=bugtraq&m=109571883130372&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 27EXPL: 0CVE-2004-0881
https://notcve.org/view.php?id=CVE-2004-0881
24 Sep 2004 — getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. • http://marc.info/?l=bugtraq&m=109571883130372&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 2CVE-2004-0424 – Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service
https://notcve.org/view.php?id=CVE-2004-0424
30 Apr 2004 — Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. Desbordamiento de enteros en la función ip_setsockopt en el kernel de Linux 2.4.22 a 2.4.25 y 2.6.1 a 2.6.3 permite a usuarios locales causar una denegación de servicio (caída) o ejecutar código arbitrario mediante la opción de socket MCAST_MSFILTER. • https://www.exploit-db.com/exploits/274 •
CVSS: 9.8EPSS: 26%CPEs: 31EXPL: 0CVE-2003-0962
https://notcve.org/view.php?id=CVE-2003-0962
10 Dec 2003 — Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. Desbordamiento de búfer en el montón en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar código arbitrario y posiblemente escapar del confinamiento chroot. • ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U •