Filtered by vendor Sgi Subscriptions
Total 259 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-1613 3 Mozilla, Redhat, Sgi 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more 2026-04-16 N/A
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2026-04-16 N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-0759 3 Imagemagick, Redhat, Sgi 3 Imagemagick, Enterprise Linux, Propack 2026-04-16 N/A
ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.
CVE-2005-1043 7 Apple, Conectiva, Peachtree and 4 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2003-0688 6 Compaq, Freebsd, Openbsd and 3 more 7 Tru64, Freebsd, Openbsd and 4 more 2026-04-16 N/A
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
CVE-1999-0019 7 Data General, Ibm, Ncr and 4 more 10 Dg Ux, Aix, Mp-ras and 7 more 2026-04-16 N/A
Delete or create a file via rpc.statd, due to invalid information.
CVE-1999-0022 6 Bsdi, Freebsd, Hp and 3 more 7 Bsd Os, Freebsd, Hp-ux and 4 more 2026-04-16 7.8 High
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
CVE-1999-0025 1 Sgi 1 Irix 2026-04-16 N/A
root privileges via buffer overflow in df command on SGI IRIX systems.
CVE-1999-0018 3 Ibm, Sgi, Sun 4 Aix, Irix, Solaris and 1 more 2026-04-16 N/A
Buffer overflow in statd allows root privileges.
CVE-2023-6917 2 Redhat, Sgi 2 Enterprise Linux, Performance Co-pilot 2026-02-25 6 Medium
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
CVE-2012-2150 2 Redhat, Sgi 2 Enterprise Linux, Xfsprogs 2025-04-12 N/A
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
CVE-2012-3418 1 Sgi 1 Performance Co-pilot 2025-04-11 N/A
libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads.
CVE-2012-3419 1 Sgi 1 Performance Co-pilot 2025-04-11 N/A
Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments.
CVE-2012-3420 1 Sgi 1 Performance Co-pilot 2025-04-11 N/A
Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c.
CVE-2012-3421 1 Sgi 1 Performance Co-pilot 2025-04-11 N/A
The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."
CVE-2012-5530 1 Sgi 1 Performance Co-pilot 2025-04-11 N/A
The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.
CVE-2010-2594 7 Ibm, Intersect Alliance, Linux and 4 more 14 Aix, Snare Agent, Snare Epilog and 11 more 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
CVE-2010-1039 3 Hp, Ibm, Sgi 5 Hp-ux, Nfs\/oncplus, Aix and 2 more 2025-04-11 N/A
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
CVE-2011-3337 4 Eeye, Hp, Sgi and 1 more 5 Digital Security Audits, Retina Network Security Scanner, Hp-ux and 2 more 2025-04-11 N/A
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.