Total
90730 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0660 | 1 Greg Roelofs | 2 Libpng, Libpng3 | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728. | |||||
CVE-2002-0663 | 1 Symantec | 2 Norton Internet Security, Norton Personal Firewall | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. | |||||
CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | |||||
CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2023-12-10 | 10.0 HIGH | N/A |
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
CVE-2004-1672 | 1 Icewarp | 1 Web Mail | 2023-12-10 | 7.5 HIGH | N/A |
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users' attachments by specifying the username and message ID in an HTTP request. | |||||
CVE-2003-0418 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | |||||
CVE-2001-0492 | 1 Netcruiser Software | 1 Netcruiser Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Netcruiser Web server version 0.1.2.8 and earlier allows remote attackers to determine the physical path of the server via a URL containing (1) con, (2) com2, or (3) com3. | |||||
CVE-2001-1182 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. | |||||
CVE-2004-0307 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead. | |||||
CVE-2002-1574 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | |||||
CVE-2004-1386 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2023-12-10 | 7.5 HIGH | N/A |
TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | |||||
CVE-2004-0498 | 1 Stonesoft | 1 Firewall Engine | 2023-12-10 | 5.0 MEDIUM | N/A |
The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlier allows remote attackers to cause a denial of service (crash) via crafted H.323 packets. | |||||
CVE-2002-0649 | 1 Microsoft | 2 Data Engine, Sql Server | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm. | |||||
CVE-2003-0999 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files. | |||||
CVE-2004-2253 | 1 Netwin | 1 Surgeldap | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command. | |||||
CVE-2004-0299 | 1 Smallftpd | 1 Smallftpd | 2023-12-10 | 2.1 LOW | N/A |
Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash) characters. | |||||
CVE-2004-0385 | 1 Oracle | 2 Application Server Web Cache, E-business Suite | 2023-12-10 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities." | |||||
CVE-2001-0332 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
CVE-2003-0413 | 1 Sun | 1 One Application Server | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message. | |||||
CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2023-12-10 | 10.0 HIGH | N/A |
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |