Total
250894 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2003 | 1 Delegate | 1 Delegate | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | |||||
| CVE-2004-0138 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
| The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped. | |||||
| CVE-2002-1044 | 1 Ultrafunk | 1 Popcorn | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field. | |||||
| CVE-2001-1373 | 1 Zonelabs | 1 Zonealarm | 2023-12-10 | 5.0 MEDIUM | N/A |
| MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments. | |||||
| CVE-2003-0253 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. | |||||
| CVE-2001-0399 | 1 Caucho Technology | 1 Resin | 2023-12-10 | 5.0 MEDIUM | N/A |
| Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request. | |||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2023-12-10 | 7.2 HIGH | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | |||||
| CVE-2004-0155 | 1 Kame | 1 Racoon | 2023-12-10 | 7.5 HIGH | N/A |
| The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | |||||
| CVE-1999-1441 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
| Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it. | |||||
| CVE-2002-0461 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop. | |||||
| CVE-2002-0696 | 1 Microsoft | 1 Visual Foxpro | 2023-12-10 | 7.5 HIGH | N/A |
| Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames. | |||||
| CVE-2002-0243 | 1 Opera Software | 1 Opera Web Browser | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | |||||
| CVE-2003-1066 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. | |||||
| CVE-2001-1237 | 1 Peaceworks Computer Consulting | 1 Phormation | 2023-12-10 | 7.5 HIGH | N/A |
| Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. | |||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2023-12-10 | 4.6 MEDIUM | N/A |
| Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | |||||
| CVE-2002-2368 | 1 Nec | 1 Socks 5 | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module. | |||||
| CVE-2004-1427 | 1 Korweblog | 1 Korweblog | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote attackers to execute arbitrary PHP code by modifying the G_PATH parameter to reference a URL on a remote web server that contains the code, as demonstrated in index.php when using .. (dot dot) sequences in the lng parameter to cause main.inc to be loaded. | |||||
| CVE-2004-0252 | 1 Typsoft | 1 Typsoft Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name. | |||||
| CVE-2000-0597 | 1 Microsoft | 2 Excel, Powerpoint | 2023-12-10 | 7.5 HIGH | N/A |
| Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | |||||
| CVE-2000-0689 | 1 Cgi Script Center | 1 Account Manager | 2023-12-10 | 7.5 HIGH | N/A |
| Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter. | |||||