Total
10073 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1928 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-02-04 | 7.5 HIGH | N/A |
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL. | |||||
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2024-02-04 | 7.8 HIGH | N/A |
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | |||||
CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.8 HIGH | N/A |
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
CVE-2002-2228 | 1 Mailscanner | 1 Mailscanner | 2024-02-04 | 6.4 MEDIUM | N/A |
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | |||||
CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||
CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | |||||
CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2024-02-04 | 5.0 MEDIUM | N/A |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | |||||
CVE-2003-1456 | 4 Linux, Microsoft, Mike Bobbitt and 1 more | 4 Linux Kernel, All Windows, Album.pl and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. | |||||
CVE-2003-1487 | 1 Phorum | 1 Phorum | 2024-02-04 | 10.0 HIGH | N/A |
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. | |||||
CVE-2002-2354 | 1 Netgear | 1 Fm114p | 2024-02-04 | 7.8 HIGH | N/A |
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | |||||
CVE-2002-1175 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 5.0 MEDIUM | N/A |
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts to read data beyond the expected boundary. | |||||
CVE-2023-40097 | 1 Google | 1 Android | 2024-02-02 | N/A | 7.8 HIGH |
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |