901 items
Unread (4732) All Dismissed
CRITICAL
CVE-2005-0199 (CVSS 9.8) — Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote a...
NVD CVE-2005-0199 7718d ago
CRITICAL
CVE-2005-0269 (CVSS 9.8) — The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowe...
NVD CVE-2005-0269 7718d ago
CRITICAL
CVE-2005-1141 (CVSS 9.8) — Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allo...
NVD CVE-2005-1141 7735d ago
CRITICAL
CVE-2005-0496 (CVSS 9.8) — Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back do...
NVD CVE-2005-0496 7788d ago
CRITICAL
CVE-2005-0408 (CVSS 9.8) — CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash ...
NVD CVE-2005-0408 7795d ago
CRITICAL
CVE-2005-0102 (CVSS 9.8) — Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote ma...
NVD CVE-2005-0102 7816d ago
CRITICAL
CVE-2004-2154 (CVSS 9.8) — CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows atta...
NVD CVE-2004-2154 7840d ago
CRITICAL
CVE-2004-2214 (CVSS 9.8) — Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a...
NVD CVE-2004-2214 7840d ago
CRITICAL
CVE-2004-0285 (CVSS 9.8) — PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyL...
NVD CVE-2004-0285 7878d ago
CRITICAL
CVE-2004-0847 (CVSS 9.8) — The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass aut...
NVD CVE-2004-0847 7898d ago
CRITICAL
CVE-2004-0772 (CVSS 9.8) — Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and ea...
NVD CVE-2004-0772 7912d ago
CRITICAL
CVE-2004-1363 (CVSS 9.8) — Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via envir...
NVD CVE-2004-1363 7989d ago
CRITICAL
CVE-2004-2061 (CVSS 9.8) — RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open...
NVD CVE-2004-2061 7997d ago
CRITICAL
CVE-2004-0434 (CVSS 9.8) — k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 co...
NVD CVE-2004-0434 8017d ago
CRITICAL
CVE-2004-0005 (CVSS 9.8) — Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possi...
NVD CVE-2004-0005 8143d ago
CRITICAL
CVE-2004-0030 (CVSS 9.8) — PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) ...
NVD CVE-2004-0030 8186d ago
CRITICAL
CVE-2003-1233 (CVSS 9.8) — Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, suc...
NVD CVE-2003-1233 8206d ago
CRITICAL
CVE-2003-0545 (CVSS 9.8) — Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (cra...
NVD CVE-2003-0545 8250d ago
CRITICAL
CVE-2003-0899 (CVSS 9.8) — Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute...
NVD CVE-2003-0899 8264d ago
CRITICAL
CVE-2003-0791 (CVSS 9.8) — The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execut...
NVD CVE-2003-0791 8291d ago
CRITICAL
CVE-2003-0466 (CVSS 9.8) — Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may al...
NVD CVE-2003-0466 8332d ago
CRITICAL
CVE-2003-0252 (CVSS 9.8) — Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1....
NVD CVE-2003-0252 8341d ago
CRITICAL
CVE-2003-0356 (CVSS 9.8) — Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a...
NVD CVE-2003-0356 8411d ago
CRITICAL
CVE-2003-0174 (CVSS 9.8) — The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD ...
NVD CVE-2003-0174 8439d ago
CRITICAL
CVE-2002-1484 (CVSS 9.8) — DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web ...
NVD CVE-2002-1484 8459d ago
CRITICAL
CVE-2002-1798 (CVSS 9.1) — MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a...
NVD CVE-2002-1798 8571d ago
CRITICAL
CVE-2002-1816 (CVSS 9.8) — Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier all...
NVD CVE-2002-1816 8571d ago
CRITICAL
CVE-2002-1820 (CVSS 9.8) — register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a ca...
NVD CVE-2002-1820 8571d ago
CRITICAL
CVE-2002-2119 (CVSS 9.8) — Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote att...
NVD CVE-2002-2119 8571d ago
CRITICAL
CVE-2002-1347 (CVSS 9.8) — Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a ...
NVD CVE-2002-1347 8584d ago
CRITICAL
CVE-2002-0391 (CVSS 9.8) — Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or...
NVD CVE-2002-0391 8712d ago
CRITICAL
CVE-2002-0671 (CVSS 9.8) — Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications fro...
NVD CVE-2002-0671 8732d ago
CRITICAL
CVE-2002-0639 (CVSS 9.8) — Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary c...
NVD CVE-2002-0639 8752d ago
CRITICAL
CVE-2002-0059 (CVSS 9.8) — The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packa...
NVD CVE-2002-0059 8862d ago
CRITICAL
CVE-2002-0083 (CVSS 9.8) — Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malic...
NVD CVE-2002-0083 8862d ago
CRITICAL
CVE-2001-1481 (CVSS 9.8) — Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, wh...
NVD CVE-2001-1481 8936d ago
CRITICAL
CVE-2001-1496 (CVSS 9.8) — Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remo...
NVD CVE-2001-1496 8936d ago
CRITICAL
CVE-2001-0766 (CVSS 9.8) — Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access r...
NVD CVE-2001-0766 9010d ago
CRITICAL
CVE-2001-1125 (CVSS 9.8) — Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, ...
NVD CVE-2001-1125 9023d ago
CRITICAL
CVE-2001-0967 (CVSS 9.8) — Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords ...
NVD CVE-2001-0967 9058d ago
CRITICAL
CVE-2001-1155 (CVSS 9.8) — TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does n...
NVD CVE-2001-1155 9066d ago
CRITICAL
CVE-2001-0609 (CVSS 9.8) — Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain ...
NVD CVE-2001-0609 9087d ago
CRITICAL
CVE-2001-1291 (CVSS 9.8) — The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote a...
NVD CVE-2001-1291 9108d ago
CRITICAL
CVE-2001-0395 (CVSS 9.8) — Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which coul...
NVD CVE-2001-0395 9118d ago
CRITICAL
CVE-2001-0248 (CVSS 9.8) — Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by cr...
NVD CVE-2001-0248 9132d ago
CRITICAL
CVE-2001-0249 (CVSS 9.8) — Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by cr...
NVD CVE-2001-0249 9132d ago
CRITICAL
CVE-2001-1339 (CVSS 9.8) — Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad p...
NVD CVE-2001-1339 9157d ago
CRITICAL
CVE-2000-0944 (CVSS 9.8) — CGI Script Center News Update 1.1 does not properly validate the original news administration passwo...
NVD CVE-2000-0944 9313d ago
CRITICAL
CVE-2000-1218 (CVSS 9.8) — The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and X...
NVD CVE-2000-1218 9562d ago
CRITICAL
CVE-1999-1324 (CVSS 9.8) — VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable ...
NVD CVE-1999-1324 9667d ago
CRITICAL NVD Mon, 02 May 2005 04:00:00 UTC
CVE-2005-0199 (CVSS 9.8) — Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote a...
https://nvd.nist.gov/vuln/detail/CVE-2005-0199
TL;DR
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
CVE-2005-0199
Read full story ↗