Total
1229 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3710 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags. | |||||
CVE-2006-0038 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 6.9 MEDIUM | N/A |
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. | |||||
CVE-2002-2419 | 1 Dctc Project | 1 Dctc | 2023-12-10 | 7.8 HIGH | N/A |
Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character. | |||||
CVE-2002-2245 | 1 Netbsd | 1 Ftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session. | |||||
CVE-2002-2367 | 1 Socks5 | 1 Socks5 | 2023-12-10 | 7.8 HIGH | N/A |
Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. | |||||
CVE-2002-2286 | 1 Apt-www-proxy | 1 Apt-www-proxy | 2023-12-10 | 5.0 MEDIUM | N/A |
The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference. | |||||
CVE-2002-2235 | 1 Jelsoft | 1 Vbulletin | 2023-12-10 | 5.0 MEDIUM | N/A |
member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which causes an error message to be reflected back to the user without quoting, which facilitates cross-site scripting (XSS) and possibly other attacks. | |||||
CVE-2003-0372 | 1 Nessus | 1 Nessus | 2023-12-10 | 4.6 MEDIUM | N/A |
Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. | |||||
CVE-2003-1432 | 1 Epic Games | 2 Unreal Engine, Unreal Tournament 2003 | 2023-12-10 | 10.0 HIGH | N/A |
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file. |