Total
251331 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1485 | 1 Clearswift | 1 Mailsweeper | 2023-12-10 | 5.0 MEDIUM | N/A |
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." | |||||
CVE-2003-0208 | 1 Macromedia | 1 Flash | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. | |||||
CVE-2004-0393 | 1 Rlpr | 1 Rlpr | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function. | |||||
CVE-2002-2118 | 1 Blue World Communications | 1 Lasso Web Data Engine | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long URL. | |||||
CVE-2004-1828 | 1 Belchior Foundry | 1 Vcard | 2023-12-10 | 5.0 MEDIUM | N/A |
Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php. | |||||
CVE-2002-1807 | 1 Phpwebsite | 1 Phpwebsite | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-2002-2172 | 1 Shana | 2 Informed Designer, Informed Filler | 2023-12-10 | 2.1 LOW | N/A |
Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information. | |||||
CVE-2003-0196 | 5 Compaq, Hp, Samba and 2 more | 7 Tru64, Cifs-9000 Server, Hp-ux and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | |||||
CVE-2003-0666 | 1 Microsoft | 1 Wordperfect Converter | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file. | |||||
CVE-2003-1398 | 1 Cisco | 1 Ios | 2023-12-10 | 9.3 HIGH | N/A |
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | |||||
CVE-2000-1105 | 1 Microsoft | 1 Indexing Service | 2023-12-10 | 4.3 MEDIUM | N/A |
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. | |||||
CVE-2002-1026 | 1 Macromedia | 1 Sitespring | 2023-12-10 | 5.0 MEDIUM | N/A |
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. | |||||
CVE-2004-1853 | 1 Atari | 1 Terminator 3 War Of The Machines | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote attackers to cause a denial of service via a long ServerInfo variable. | |||||
CVE-2001-0642 | 1 Incredimail | 1 Incredimail | 2023-12-10 | 2.1 LOW | N/A |
Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file. | |||||
CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2023-12-10 | 2.1 LOW | N/A |
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||
CVE-1999-0941 | 1 Mutt | 1 Mutt | 2023-12-10 | 7.5 HIGH | N/A |
Mutt mail client allows a remote attacker to execute commands via shell metacharacters. | |||||
CVE-2000-1013 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
CVE-2004-0002 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 10.0 HIGH | N/A |
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. | |||||
CVE-2002-1290 | 1 Microsoft | 1 Java Virtual Machine | 2023-12-10 | 6.4 MEDIUM | N/A |
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class. | |||||
CVE-2002-1021 | 1 Working Resources Inc. | 1 Badblue | 2023-12-10 | 5.0 MEDIUM | N/A |
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte. |