Total
250630 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0352 | 2 3com, Symbol | 2 3crwe747a, 41x1 Access Point | 2023-12-10 | 5.0 MEDIUM | N/A |
SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB. | |||||
CVE-2000-0470 | 1 Allegro | 1 Rom Pager | 2023-12-10 | 7.5 HIGH | N/A |
Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request. | |||||
CVE-2004-0959 | 1 Php | 1 Php | 2023-12-10 | 2.1 LOW | N/A |
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified. | |||||
CVE-1999-1140 | 1 Alec Muffet | 1 Cracklib | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field. | |||||
CVE-2001-1501 | 1 Proftpd Project | 1 Proftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument. | |||||
CVE-2001-0315 | 1 Khaled Mardam-bey | 1 Mirc | 2023-12-10 | 7.5 HIGH | N/A |
The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key. | |||||
CVE-1999-0035 | 2 Gnu, Sgi | 2 Inet, Irix | 2023-12-10 | 5.1 MEDIUM | N/A |
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | |||||
CVE-2002-1383 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2023-12-10 | 10.0 HIGH | N/A |
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | |||||
CVE-2003-0325 | 1 Ambrosia Software | 1 Maelstrom | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument. | |||||
CVE-2003-0405 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2023-12-10 | 5.0 MEDIUM | N/A |
Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command. | |||||
CVE-2004-0783 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688). | |||||
CVE-2002-1563 | 1 Stunnel | 1 Stunnel | 2023-12-10 | 1.2 LOW | N/A |
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | |||||
CVE-1999-0901 | 1 Linux-nis | 1 Ypserv | 2023-12-10 | 7.2 HIGH | N/A |
ypserv allows a local user to modify the GECOS and login shells of other users. | |||||
CVE-2002-1808 | 1 Zack Coburn | 1 Meunity Community System | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic. | |||||
CVE-2003-0744 | 1 Leafnode | 1 Leafnode | 2023-12-10 | 5.0 MEDIUM | N/A |
The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input. | |||||
CVE-2003-0049 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. | |||||
CVE-2001-0385 | 1 Goahead Software | 1 Goahead Webserver | 2023-12-10 | 5.0 MEDIUM | N/A |
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. | |||||
CVE-2000-0423 | 1 Netwin | 1 Dnews | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag. | |||||
CVE-2000-1127 | 1 Hp | 1 Hp-ux | 2023-12-10 | 3.6 LOW | N/A |
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable. | |||||
CVE-2002-0905 | 1 Ibm | 1 Informix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable. |