Total
250908 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0068 | 1 Apple | 1 Mac Os Runtime For Java | 2023-12-10 | 2.6 LOW | N/A |
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. | |||||
CVE-2004-1768 | 1 Symantec | 1 Brightmail Antispam | 2023-12-10 | 5.0 MEDIUM | N/A |
The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters. | |||||
CVE-2001-0049 | 1 Watchguard | 1 Soho Firewall | 2023-12-10 | 5.0 MEDIUM | N/A |
WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests. | |||||
CVE-2004-0465 | 1 Openconnect | 1 Webconnect | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter. | |||||
CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | |||||
CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2023-12-10 | 6.2 MEDIUM | N/A |
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | |||||
CVE-2002-1167 | 1 Ibm | 1 Websphere Caching Proxy Server | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request. | |||||
CVE-2003-0128 | 1 Ximian | 1 Evolution | 2023-12-10 | 5.0 MEDIUM | N/A |
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow. | |||||
CVE-2002-2044 | 1 Xqus | 1 X-stat | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action. | |||||
CVE-1999-0928 | 1 Smartdesk | 1 Websuite | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL. | |||||
CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | |||||
CVE-2000-0763 | 1 David Bagley | 1 Xlock | 2023-12-10 | 7.2 HIGH | N/A |
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option. | |||||
CVE-2002-0128 | 1 Sambar | 1 Sambar Server | 2023-12-10 | 7.5 HIGH | N/A |
cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument. | |||||
CVE-2001-0903 | 1 Intel | 1 High-bandwidth Digital Content Protection | 2023-12-10 | 7.5 HIGH | N/A |
Linear key exchange process in High-bandwidth Digital Content Protection (HDCP) System allows remote attackers to access data as plaintext, avoid device blacklists, clone devices, and create new device keyvectors by computing and using alternate key combinations for authentication. | |||||
CVE-2002-0046 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | |||||
CVE-2003-1379 | 1 Point Clark Networks | 1 Clarkconnect | 2023-12-10 | 5.0 MEDIUM | N/A |
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages. | |||||
CVE-2000-0826 | 1 Mobius | 1 Documentdirect For The Internet | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
CVE-2004-0472 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a reservation duplicate of CVE-2004-0434. Notes: All CVE users should reference CVE-2004-0434 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2003-0335 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.5 HIGH | N/A |
rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | |||||
CVE-2002-0022 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated. |