11 results (0.010 seconds)

CVSS: 10.0EPSS: 1%CPEs: 42EXPL: 0

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a través de especificadores de formato de cadena en vectores desconocidos. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.openwall.com/lists/oss-security/2016/05/25/2 http://www • CWE-134: Use of Externally-Controlled Format String •

CVSS: 7.2EPSS: 0%CPEs: 24EXPL: 3

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. • https://www.exploit-db.com/exploits/19952 https://www.exploit-db.com/exploits/19953 https://www.exploit-db.com/exploits/19954 http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html http://www.securityfocus.com/bid/1239 •

CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 1

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. • https://www.exploit-db.com/exploits/19463 http://www.securityfocus.com/bid/587 •

CVSS: 4.6EPSS: 0%CPEs: 14EXPL: 1

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. • https://www.exploit-db.com/exploits/19257 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433 •

CVSS: 10.0EPSS: 8%CPEs: 17EXPL: 2

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. • https://www.exploit-db.com/exploits/19086 https://www.exploit-db.com/exploits/19087 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368 •