| Metric | ID | Date
Public | Name |
|---|
| 108.16 | VU#16532 | 11/10/1999 | BIND T_NXT record processing may cause buffer overflow |
| 87.72 | VU#29823 | 06/23/2000 | Format string input validation error in wu-ftpd site_exec() function |
| 48.19 | VU#382365 | 09/25/2000 | LPRng can pass user-supplied input as a format string parameter to syslog() calls |
| 38.95 | VU#137024 | 01/16/2001 | Compaq web-enabled management software contains buffer overflow in authentication username |
| 38.9 | VU#572183 | 01/29/2001 | ISC BIND 4 contains buffer overflow in nslookupComplain() |
| 33.07 | VU#715973 | 11/07/2000 | ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug" |
| 24.84 | VU#169841 | 10/15/2002 | dvips uses system() function insecurely thereby allowing arbitrary command execution |
| 21.93 | VU#403051 | 05/29/2001 | GnuPG format string vulnerability in do_get() in ttyio.c while prompting for a new filename |
| 21.37 | VU#368819 | 03/11/2002 | Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures |
| 21.37 | VU#798263 | 09/08/2001 | Taylor UUCP Package fails to properly filter command line arguments |
| 18 | VU#757612 | 05/28/2003 | Apache Portable Runtime contains heap buffer overflow in apr_psprintf() |
| 17.1 | VU#592425 | 02/02/2006 | Mozilla-based products fail to validate user input to the attribute name in "XULDocument.persist" |
| 16.49 | VU#600777 | 09/26/2002 | gv contains buffer overflow in sscanf() function |
| 15.82 | VU#134025 | 02/07/2003 | kernel-utils sets insecure permissions on "uml_net" utility |
| 14.06 | VU#39001 | 01/08/2000 | lpd allows options to be passed to sendmail |
| 13.35 | VU#670568 | 04/23/2001 | Samba creates temporary files insecurely |
| 12.6 | VU#291924 | 03/28/2005 | Multiple Telnet clients fail to properly handle the "LINEMODE" SLC suboption |
| 12.57 | VU#361181 | 09/26/2005 | Helix Player format string vulnerability |
| 11.39 | VU#814198 | 03/23/2003 | SSH Tectia Server contains a race condition when the password change plugin is enabled |
| 11.22 | VU#275979 | 10/01/2001 | Compaq web-enabled management software buffer overflow vulnerability |
| 9.81 | VU#991240 | 03/22/2001 | Compaq web-enabled management software acts as generic proxy |
| 9.61 | VU#704976 | 11/22/2000 | Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory |
| 9.44 | VU#680620 | 07/02/2005 | zlib inflate() routine vulnerable to buffer overflow |
| 9.44 | VU#853097 | 05/18/2009 | ntpd autokey stack buffer overflow |
| 9.21 | VU#698640 | 02/08/2001 | Linux kernel does not properly validate user input via sysctl for negative value |
| 9.11 | VU#684913 | 06/20/2005 | Ruby library contains vulnerable default value |
| 8.85 | VU#13145 | 11/10/1999 | BIND memcpy not bounded in case T_SIG of rrextract() |
| 8.85 | VU#369358 | 09/15/2004 | GdkPixbuf XPM parser contains a stack overflow vulnerability |
| 8.85 | VU#729894 | 09/15/2004 | GdkPixbuf XPM parser contains a heap overflow vulnerability |
| 8.82 | VU#787448 | 09/27/2006 | OpenSSH fails to properly handle multiple identical blocks in a SSH packet |
| 8.43 | VU#680260 | 08/26/2003 | pam_smb module contains remote buffer overflow |
| 8.1 | VU#820798 | 01/14/2004 | KDE Personal Information Management suite "kdepim" contains a buffer overflow vulnerability in VCF information reader |
| 8.08 | VU#518782 | 07/06/2004 | Ethereal fails to properly handle malformed SMB packets |
| 8.08 | VU#829422 | 07/06/2004 | Ethereal fails to properly handle malformed iSNS packets |
| 8.08 | VU#835846 | 07/06/2004 | Ethereal fails to properly handle malfored SNMP packets |
| 7.87 | VU#30308 | 01/08/2000 | lpd hostname authentication bypassed with spoofed DNS |
| 7.59 | VU#22091 | 03/22/2000 | gpm-root fails to correctly release GID 0 membership for user defined menus |
| 7.42 | VU#102441 | 09/12/2005 | Multiple X servers fail to properly allocate memory for large pixmaps |
| 7.03 | VU#527736 | 04/11/2001 | mkpasswd uses weak random number generator |
| 5.73 | VU#230307 | 02/25/2002 | Linux kernel netfilter IRC DCC helper module creates overly permissive firewall rules |
| 5.01 | VU#196617 | 04/16/2009 | Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data |
| 4.86 | VU#230561 | 02/24/2003 | gnome-terminal allows arbitrary command execution when viewing files containing crafted escape sequences |
| 4.5 | VU#579928 | 01/10/2001 | diffutils sdiff creates temporary files insecurely |
| 4.32 | VU#570952 | 12/20/2000 | Redhat Linux diskcheck.pl creates predictable temporary file and fails to check for existing symbolic link of same name |
| 3.75 | VU#891177 | 10/01/2002 | PostgreSQL VACUUM command allows unprivileged user to remove database transaction log data |
| 3.37 | VU#401808 | 04/15/2001 | exuberant-ctags creates temporary files insecurely |
| 3.37 | VU#481998 | 09/15/2004 | Apache vulnerable to buffer overflow when expanding environment variables |
| 3.03 | VU#25701 | 07/27/2000 | Linux gpm daemon allows arbitrary file removal |
| 3.03 | VU#35842 | 07/03/2000 | man 'makewhatis' insecurely uses /tmp |
| 2.95 | VU#174086 | 01/14/2004 | tcpdump contains vulnerability in ISAKMP decoding function rawprint() in print-isakmp.c |
| 2.95 | VU#337238 | 01/16/2004 | Red Hat Enterprise Linux kernel-2.4.21 does not perform adequate checking of eflags when in 32-bit ptrace emulation mode |
| 2.95 | VU#738518 | 01/14/2004 | tcpdump contains vulnerability in ISAKMP decoding routine |
| 2.95 | VU#955526 | 01/14/2004 | tcpdump contains vulnerability in RADIUS decoding function print_attr_string() in print-radius.c |
| 2.7 | VU#561022 | 05/29/2004 | Mozilla contains a buffer overflow in the SendUidl() function |
| 1.77 | VU#577654 | 09/15/2004 | GdkPixbuf ICO parser contains an integer overflow vulnerability |
| 1.77 | VU#825374 | 09/15/2004 | GdkPixbuf BMP parser may enter an infinite loop |
| 1.65 | VU#851340 | 09/29/2006 | OpenSSH contains a race condition vulnerability |
| 1.62 | VU#606700 | 03/19/2007 | file integer overflow vulnerability |
| 1.44 | VU#744929 | 08/31/2005 | mod_ssl fails to properly enforce client certificates authentication |
| 1.39 | VU#801526 | 02/03/2004 | util-linux login program discloses sensitive information |
| 1.26 | VU#356409 | 02/11/2005 | mod_python vulnerable to information disclosure via crafted URL |
| 1.12 | VU#396272 | 01/10/2001 | mgetty creates temporary files insecurely |
| 0.96 | VU#814557 | 05/24/2005 | GNOME gedit contains format string vulnerability |
| 0.63 | VU#110297 | 04/12/2007 | Flash Player information disclosure vulnerability |
| 0.23 | VU#312692 | 05/31/2006 | Shadow Utils useradd utility sets incorrect file permissions |
| 0.21 | VU#626919 | 11/13/2000 | Race condition in periodic |
| 0.05 | VU#243681 | 06/29/2006 | OpenOffice.org may fail to properly contain certain Java applets |
| 0.03 | VU#245984 | 10/19/2006 | The Red Hat Enterprise Linux 3 SMP Kernel fails to properly handle IPC shared-memory |
| 0 | VU#120541 | 11/05/2009 | SSL and TLS protocols renegotiation vulnerability |
| 0 | VU#34043 | 07/16/2000 | rpc.statd vulnerable to remote root compromise via format string stack overwrite |