Vulnerabilities (CVE)

Filtered by vendor Sgi Subscribe
Total 258 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0605 8 Altlinux, Lesstif, Mandrakesoft and 5 more 11 Alt Linux, Lesstif, Mandrake Linux and 8 more 2024-11-20 7.5 HIGH N/A
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2005-0465 1 Sgi 1 Irix 2024-11-20 2.1 LOW N/A
gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.
CVE-2005-0464 1 Sgi 1 Irix 2024-11-20 2.1 LOW N/A
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
CVE-2005-0398 6 Altlinux, Ipsec-tools, Kame and 3 more 7 Alt Linux, Ipsec-tools, Racoon and 4 more 2024-11-20 5.0 MEDIUM N/A
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2024-11-20 7.5 HIGH N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2024-11-20 2.1 LOW N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2005-0139 1 Sgi 1 Irix 2024-11-20 7.5 HIGH N/A
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities.
CVE-2005-0138 1 Sgi 1 Irix 2024-11-20 7.5 HIGH N/A
rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability.
CVE-2005-0113 1 Sgi 1 Irix 2024-11-20 7.2 HIGH N/A
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.
CVE-2005-0005 6 Debian, Gentoo, Graphicsmagick and 3 more 6 Debian Linux, Linux, Graphicsmagick and 3 more 2024-11-20 7.5 HIGH N/A
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
CVE-2004-2002 1 Sgi 1 Irix 2024-11-20 5.0 MEDIUM N/A
Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet.
CVE-2004-2001 1 Sgi 1 Irix 2024-11-20 4.6 MEDIUM N/A
ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.
CVE-2004-1891 1 Sgi 1 Irix 2024-11-20 5.0 MEDIUM N/A
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
CVE-2004-1890 1 Sgi 1 Irix 2024-11-20 5.0 MEDIUM N/A
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via the PORT mode.
CVE-2004-1889 1 Sgi 1 Irix 2024-11-20 5.0 MEDIUM N/A
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows.
CVE-2004-1613 3 Mozilla, Redhat, Sgi 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-20 5.0 MEDIUM N/A
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
CVE-2004-1471 6 Cvs, Freebsd, Gentoo and 3 more 6 Cvs, Freebsd, Linux and 3 more 2024-11-20 7.1 HIGH N/A
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
CVE-2004-1307 10 Apple, Avaya, Conectiva and 7 more 19 Mac Os X, Mac Os X Server, Call Management System Server and 16 more 2024-11-20 7.5 HIGH N/A
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVE-2004-1184 4 Gnu, Redhat, Sgi and 1 more 4 Enscript, Fedora Core, Propack and 1 more 2024-11-20 4.6 MEDIUM N/A
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2004-1145 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2024-11-20 5.0 MEDIUM N/A
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.