Openpkg

openpkg

27 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Openpkg

openpkg

27 CVEs

CVEs (27)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-5116 4Larry Wall MandrakesoftOpenpkg+1 more 4Enterprise Linux Mandrake Multi Network FirewallOpenpkg+1 more Apr 23, 2026 Nov 7, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters i...Show more Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.Show less
CVE-2004-0990 5Gd Graphics Library GentooOpenpkg+2 more 5Gdlib LinuxOpenpkg+2 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image ro...Show more Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.Show less
CVE-2004-0957 6Openpkg OracleRedhat+3 more 7Enterprise Linux Enterprise Linux DesktopMysql+4 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow th...Show more Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.Show less
CVE-2004-0940 6Apache HpOpenpkg+3 more 6Hp Ux Http ServerOpenpkg+3 more Apr 16, 2026 Feb 9, 2005 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a lengt...Show more Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.Show less
CVE-2004-0918 6Gentoo OpenpkgRedhat+3 more 6Fedora Core LinuxOpenpkg+3 more Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length f...Show more The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.Show less
CVE-2004-1065 4Openpkg PhpTrustix+1 more 4Openpkg PhpSecure Linux+1 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
CVE-2004-1019 4Openpkg PhpTrustix+1 more 4Openpkg PhpSecure Linux+1 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "infor...Show more The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.Show less
CVE-2004-1013 6Carnegie Mellon University ConectivaOpenpkg+3 more 6Cyrus Imap Server Fedora CoreLinux+3 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p")...Show more The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.Show less
CVE-2004-1012 6Carnegie Mellon University ConectivaOpenpkg+3 more 6Cyrus Imap Server Fedora CoreLinux+3 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body...Show more The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.Show less
CVE-2004-1011 6Carnegie Mellon University ConectivaOpenpkg+3 more 6Cyrus Imap Server Fedora CoreLinux+3 more Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulner...Show more Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.Show less
CVE-2004-1471 6Cvs FreebsdGentoo+3 more 6Cvs FreebsdLinux+3 more Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 7.1 HIGH· v2 Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute a...Show more Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.Show less
CVE-2004-0333 4Gentoo OpenpkgUudeview+1 more 4Linux OpenpkgUudeview+1 more Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
CVE-2004-0772 3Debian MitOpenpkg 3Debian Linux Kerberos 5Openpkg Apr 16, 2026 Oct 20, 2004 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
CVE-2005-0373 6Apple ConectivaCyrus+3 more 8Fedora Core LinuxMac Os X+5 more Apr 16, 2026 Oct 7, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary cod...Show more Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.Show less
CVE-2004-0421 4Libpng OpenpkgRedhat+1 more 6Enterprise Linux Enterprise Linux DesktopLibpng+3 more Apr 16, 2026 Aug 18, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creatin...Show more The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.Show less
CVE-2004-0418 5Cvs GentooOpenbsd+2 more 5Cvs LinuxOpenbsd+2 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrar...Show more serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.Show less
CVE-2004-0417 5Cvs GentooOpenbsd+2 more 5Cvs LinuxOpenbsd+2 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data...Show more Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.Show less
CVE-2004-0416 5Cvs GentooOpenbsd+2 more 5Cvs LinuxOpenbsd+2 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
CVE-2004-0414 5Cvs GentooOpenbsd+2 more 5Cvs LinuxOpenbsd+2 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of criti...Show more CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.Show less
CVE-2004-0413 2Openpkg Subversion 2Openpkg Subversion Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibl...Show more libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.Show less

12 Next