Total
10060 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1979 | 1 Watchguard | 3 Legacy Rssa, Soho, Vclass | 2024-02-04 | 7.5 HIGH | N/A |
WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | |||||
CVE-2001-1584 | 1 Michael Barretto | 1 Cardboard | 2024-02-04 | 7.5 HIGH | N/A |
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field. | |||||
CVE-2004-1777 | 1 Skype Technologies | 1 Skype | 2024-02-04 | 5.0 MEDIUM | N/A |
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114. | |||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2024-02-04 | 4.3 MEDIUM | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | |||||
CVE-2003-1364 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 8.5 HIGH | N/A |
Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service (crash) via an HTTP GET message with empty (1) Connection or (2) Range fields. | |||||
CVE-2004-0244 | 1 Cisco | 1 Ios | 2024-02-04 | 4.7 MEDIUM | N/A |
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | |||||
CVE-2003-1003 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2024-02-04 | 7.8 HIGH | N/A |
Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | |||||
CVE-2004-1928 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-02-04 | 7.5 HIGH | N/A |
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL. | |||||
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2024-02-04 | 7.8 HIGH | N/A |
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | |||||
CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.8 HIGH | N/A |
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
CVE-2002-2228 | 1 Mailscanner | 1 Mailscanner | 2024-02-04 | 6.4 MEDIUM | N/A |
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | |||||
CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||
CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | |||||
CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2024-02-04 | 5.0 MEDIUM | N/A |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | |||||
CVE-2003-1456 | 4 Linux, Microsoft, Mike Bobbitt and 1 more | 4 Linux Kernel, All Windows, Album.pl and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. | |||||
CVE-2003-1487 | 1 Phorum | 1 Phorum | 2024-02-04 | 10.0 HIGH | N/A |
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. | |||||
CVE-2002-2354 | 1 Netgear | 1 Fm114p | 2024-02-04 | 7.8 HIGH | N/A |
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | |||||
CVE-2002-1175 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 5.0 MEDIUM | N/A |
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary. | |||||
CVE-2023-40097 | 1 Google | 1 Android | 2024-02-02 | N/A | 7.8 HIGH |
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |