Vulnerabilities (CVE)

Filtered by CWE-20
Total 10024 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1487 1 Phorum 1 Phorum 2024-02-04 10.0 HIGH N/A
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.
CVE-2002-2354 1 Netgear 1 Fm114p 2024-02-04 7.8 HIGH N/A
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2002-1175 1 Fetchmail 1 Fetchmail 2024-02-04 5.0 MEDIUM N/A
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary.
CVE-2023-40097 1 Google 1 Android 2024-02-02 N/A 7.8 HIGH
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.