Category: CVE Validated

CVE-2016-2518 (clustered_data_ontap, communications_user_data_repository, data_ontap, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_server_tus, enterprise_linux_workstation, freebsd, linux, ntp, oncommand_balance, oncommand_performance_manager, oncommand_unified_manager_for_clustered_data_ontap, simatic_net_cp_443-1_opc_ua_firmware)

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Read More

CVE-2009-0127 (m2crypto)

** DISPUTED ** M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal, DSA_verify, ECDSA_verify, DSA_do_verify, and ECDSA_do_verify functions, which might allow remote attackers to bypass validation...

Read More

CVE-2003-1228 (mathopd)

Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code...

Read More

CVE-2005-0824 (mathopd)

The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dump files that are triggered by...

Read More