Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ulf harnhammar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1228
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 up to and including 1.3.5 allows remote malicious users to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Gnu Gzip 1.2.4
Gnu Gzip 1.3.3
NA
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.11
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Freebsd Freebsd 4.9
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Turbolinux Turbolinux Appliance Server 1.0 Hosting
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Ubuntu Ubuntu Linux 4.1
Freebsd Freebsd 4.0
Freebsd Freebsd 4.10
Freebsd Freebsd 4.3
Freebsd Freebsd 4.8
NA
CVE-2007-2953
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and previous versions, and 7.x up to 7.1, allows user-assisted remote malicious users to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the help...
Vim Development Group Vim 7.1
Vim Development Group Vim 7.1.38
Vim Development Group Vim
Vim Development Group Vim 7.0
NA
CVE-2007-1002
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote malicious users to execute arbitrary code via format specifiers in the categories of ...
Evolution Shared Memo 2.8.2.1
NA
CVE-2008-0072
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and previous versions allows remote malicious users to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
Gnome Evolution
9.8
CVSSv3
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island Lynx
Debian Debian Linux 3.1
Debian Debian Linux 3.0
1 EDB exploit
NA
CVE-2005-0806
Evolution 2.0.3 allows remote malicious users to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
Ximian Evolution 2.0.3
NA
CVE-2005-0105
Unknown vulnerability in typespeed 0.4.1 and previous versions allows local users to gain privileges.
Typespeed Typespeed 0.4.1
1 EDB exploit
NA
CVE-2005-3862
Buffer overflow in unalz prior to 0.53 allows remote malicious users to execute arbitrary code via long file names in ALZ archives.
Unalz Unalz 0.31
Unalz Unalz 0.4
Unalz Unalz 0.2
Unalz Unalz 0.22
Unalz Unalz 0.52
Unalz Unalz 0.23
Unalz Unalz 0.3
Unalz Unalz 0.5
Unalz Unalz 0.51
1 EDB exploit
NA
CVE-2005-2967
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 up to and including 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
Xine Xine-lib 1.0
Xine Xine-lib 1.0.1
Xine Xine-lib 0.9.13
Xine Xine-lib 1.0.2
Xine Xine-lib 1.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »