Total
248617 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1382 | 1 Macromedia | 1 Flash Player | 2023-12-10 | 7.5 HIGH | N/A |
Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846. | |||||
CVE-2003-0544 | 1 Openssl | 1 Openssl | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. | |||||
CVE-2002-2257 | 1 Tuxbr | 1 Libcgi | 2023-12-10 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument. | |||||
CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||||
CVE-2001-1363 | 1 Phpwebsite Development Team | 1 Phpwebsite | 2023-12-10 | 10.0 HIGH | N/A |
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges. | |||||
CVE-2000-0758 | 1 Lyris | 1 List Manager | 2023-12-10 | 4.6 MEDIUM | N/A |
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field. | |||||
CVE-2002-1791 | 1 Sgi | 1 Irix | 2023-12-10 | 2.1 LOW | N/A |
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files. | |||||
CVE-2004-0077 | 4 Linux, Netwosix, Redhat and 1 more | 7 Linux Kernel, Netwosix Linux, Bigmem Kernel and 4 more | 2023-12-10 | 7.2 HIGH | N/A |
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. | |||||
CVE-2002-1294 | 1 Microsoft | 1 Java Virtual Machine | 2023-12-10 | 7.5 HIGH | N/A |
The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods. | |||||
CVE-1999-0762 | 1 Netscape | 2 Communicator, Navigator | 2023-12-10 | 2.6 LOW | N/A |
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. | |||||
CVE-2001-1047 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 1.2 LOW | N/A |
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. | |||||
CVE-2002-1327 | 1 Microsoft | 1 Windows Xp | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise." | |||||
CVE-2001-0166 | 1 Macromedia | 1 Shockwave Flash Plugin | 2023-12-10 | 7.6 HIGH | N/A |
Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | |||||
CVE-2004-1357 | 1 Sun | 1 Solaris | 2023-12-10 | 5.0 MEDIUM | N/A |
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities. | |||||
CVE-2003-1016 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2023-12-10 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients. | |||||
CVE-2002-1661 | 1 Leafnode | 1 Leafnode | 2023-12-10 | 5.0 MEDIUM | N/A |
The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group. | |||||
CVE-1999-1074 | 1 Webmin | 1 Webmin | 2023-12-10 | 7.5 HIGH | N/A |
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | |||||
CVE-2000-0938 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | |||||
CVE-1999-0168 | 1 Sun | 1 Sunos | 2023-12-10 | 7.5 HIGH | N/A |
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | |||||
CVE-2002-2025 | 1 Ibm | 1 Lotus Domino Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. |