Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openpkg openpkg vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-0985
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow malicious users to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Php Php
Openpkg Openpkg 1.1
Openpkg Openpkg 1.2
515
VMScore
CVE-2003-0190
OpenSSH-portable (OpenSSH) 3.6.1p1 and previous versions with PAM support enabled immediately sends an error message when a user does not exist, which allows remote malicious users to determine valid usernames via a timing attack.
Openbsd Openssh
Openbsd Openssh 3.6.1
Openpkg Openpkg 1.3
Openpkg Openpkg 1.2
Siemens Scalance X204rna Ecc Firmware
Siemens Scalance X204rna Firmware
3 EDB exploits
890
VMScore
CVE-2004-0413
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote malicious users to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that ...
Subversion Subversion 1.0.4
Subversion Subversion 1.0
Subversion Subversion 1.0.1
Openpkg Openpkg
Openpkg Openpkg 2.0
Subversion Subversion 1.0.2
Subversion Subversion 1.0.3
383
VMScore
CVE-2003-0615
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote malicious users to insert web script via a URL that is fed into the form's action parameter.
Cgi.pm Cgi.pm 2.75
Cgi.pm Cgi.pm 2.751
Openpkg Openpkg 1.3
Openpkg Openpkg Current
Cgi.pm Cgi.pm 2.753
Cgi.pm Cgi.pm 2.76
Cgi.pm Cgi.pm 2.73
Cgi.pm Cgi.pm 2.74
Cgi.pm Cgi.pm 2.93
Openpkg Openpkg 1.2
Cgi.pm Cgi.pm 2.78
Cgi.pm Cgi.pm 2.79
Debian Debian Linux 3.0
1000
VMScore
CVE-2004-0333
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote malicious users to execute arbitrary code via a MIME archive with certain long MIME parameters.
Winzip Winzip 8.1
Uudeview Uudeview 0.5.18
Uudeview Uudeview 0.5.19
Openpkg Openpkg
Winzip Winzip 7.0
Winzip Winzip 8.0
Gentoo Linux 1.4
1 EDB exploit
700
VMScore
CVE-2004-0940
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Openpkg Openpkg 2.0
Openpkg Openpkg 2.1
Openpkg Openpkg 2.2
Apache Http Server
Slackware Slackware Linux 9.0
Slackware Slackware Linux 8.1
Slackware Slackware Linux 10.0
Hp Hp-ux 11.11
Suse Suse Linux 9.2
Suse Suse Linux 9.0
Slackware Slackware Linux 8.0
Suse Suse Linux 8.2
Slackware Slackware Linux 9.1
Slackware Slackware Linux Current
Suse Suse Linux 8.0
Trustix Secure Linux 1.5
Hp Hp-ux 11.00
Hp Hp-ux 11.22
Suse Suse Linux 9.1
Hp Hp-ux 11.20
Suse Suse Linux 8.1
2 EDB exploits
515
VMScore
CVE-2004-0594
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote malicious users to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init func...
Openpkg Openpkg 2.0
Trustix Secure Linux 2.0
Hp Hp-ux B.11.23
Openpkg Openpkg 2.1
Hp Hp-ux B.11.11
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Hp Hp-ux B.11.00
Trustix Secure Linux 2.1
Debian Debian Linux 3.0
Hp Hp-ux B.11.22
Php Php 5.0.0
Php Php
1 EDB exploit
890
VMScore
CVE-2004-0414
CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbit...
Cvs Cvs 1.11.14
Cvs Cvs 1.11.15
Cvs Cvs 1.12.1
Cvs Cvs 1.12.2
Sgi Propack 2.4
Sgi Propack 3.0
Cvs Cvs 1.11
Cvs Cvs 1.11.1
Cvs Cvs 1.11.1 P1
Cvs Cvs 1.11.3
Cvs Cvs 1.11.4
Cvs Cvs 1.12.8
Openpkg Openpkg
Cvs Cvs 1.10.7
Cvs Cvs 1.10.8
Cvs Cvs 1.11.16
Cvs Cvs 1.11.2
Cvs Cvs 1.12.5
Cvs Cvs 1.12.7
Cvs Cvs 1.11.10
Cvs Cvs 1.11.11
Cvs Cvs 1.11.5
1000
VMScore
CVE-2004-0416
Double free vulnerability for the error_prog_name string in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, may allow remote malicious users to execute arbitrary code.
Cvs Cvs 1.10.7
Cvs Cvs 1.10.8
Cvs Cvs 1.11
Cvs Cvs 1.11.16
Cvs Cvs 1.11.2
Cvs Cvs 1.12.5
Cvs Cvs 1.12.7
Cvs Cvs 1.11.10
Cvs Cvs 1.11.11
Cvs Cvs 1.11.5
Cvs Cvs 1.11.6
Openpkg Openpkg 1.3
Openpkg Openpkg 2.0
Cvs Cvs 1.11.14
Cvs Cvs 1.11.15
Cvs Cvs 1.12.1
Cvs Cvs 1.12.2
Sgi Propack 2.4
Sgi Propack 3.0
Cvs Cvs 1.11.1
Cvs Cvs 1.11.1 P1
Cvs Cvs 1.11.3
1 EDB exploit
445
VMScore
CVE-2004-0417
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, may allow remote malicious users to cause a server crash, which could cause temporary data to remain undeleted...
Cvs Cvs 1.11.1
Cvs Cvs 1.11.1 P1
Cvs Cvs 1.11.3
Cvs Cvs 1.11.4
Openpkg Openpkg
Openpkg Openpkg 1.3
Cvs Cvs 1.10.7
Cvs Cvs 1.11.14
Cvs Cvs 1.11.15
Cvs Cvs 1.12.1
Cvs Cvs 1.12.2
Sgi Propack 3.0
Cvs Cvs 1.10.8
Cvs Cvs 1.11
Cvs Cvs 1.11.16
Cvs Cvs 1.11.2
Cvs Cvs 1.12.5
Cvs Cvs 1.12.7
Cvs Cvs 1.12.8
Cvs Cvs 1.11.10
Cvs Cvs 1.11.11
Cvs Cvs 1.11.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »