Vulnerabilities (CVE)

Filtered by CWE-367
Total 344 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1743 1 Microsoft 1 Internet Explorer 2024-02-28 5.1 MEDIUM N/A
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.
CVE-2005-1111 3 Canonical, Debian, Gnu 3 Ubuntu Linux, Debian Linux, Cpio 2024-02-28 3.7 LOW 4.7 MEDIUM
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2003-0813 1 Microsoft 5 Windows 2000, Windows 98, Windows Nt and 2 more 2024-02-28 5.1 MEDIUM N/A
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.
CVE-2004-0594 6 Avaya, Debian, Hp and 3 more 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more 2024-02-28 5.1 MEDIUM N/A
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.