Openpkg
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Openpkg.
By the Year
In 2024 there have been 0 vulnerabilities in Openpkg . Openpkg did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Openpkg vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Openpkg Security Vulnerabilities
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents
CVE-2004-0940
7.8 - High
- February 09, 2005
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Incorrect Calculation of Buffer Size
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may
CVE-2004-0772
9.8 - Critical
- October 20, 2004
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
Double-free
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file
CVE-2004-0421
- August 18, 2004
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Out-of-bounds Read
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled
CVE-2004-0594
- July 27, 2004
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
TOCTTOU
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which
CVE-2003-0190
- May 12, 2003
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
Side Channel Attack
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may
CVE-2002-0985
- September 24, 2002
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Argument Injection
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2
CVE-2002-0083
9.8 - Critical
- March 15, 2002
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
off-by-five