Total
238872 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | |||||
| CVE-2000-0875 | 1 Texas Imperial Software | 2 Wftpd, Wftpd Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters. | |||||
| CVE-1999-1442 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
| Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments. | |||||
| CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
| CVE-2004-0376 | 1 Oftpd | 1 Oftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value. | |||||
| CVE-2001-1045 | 1 Basilix | 1 Basilix Webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter. | |||||
| CVE-2004-1155 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable. | |||||
| CVE-1999-0341 | 2 Debian, Slackware | 2 Debian Linux, Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. | |||||
| CVE-1999-0114 | 1 Elm Development Group | 1 Elm | 2024-02-04 | 4.6 MEDIUM | N/A |
| Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack. | |||||
| CVE-2000-0183 | 1 Michael Sandrof | 1 Ircii | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. | |||||
| CVE-2002-2400 | 1 Hughes Technologies | 1 Libhttpd | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request. | |||||
| CVE-2003-0368 | 1 Nokia | 1 Ggsn | 2024-02-04 | 5.0 MEDIUM | N/A |
| Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option. | |||||
| CVE-2004-1043 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability." | |||||
| CVE-2002-0955 | 1 Yabb | 1 Yabb | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message. | |||||
| CVE-2001-1009 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 10.0 HIGH | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | |||||
| CVE-2003-1050 | 1 Ibm | 1 Db2 | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | |||||
| CVE-2000-0656 | 1 Analogx | 1 Proxy | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol. | |||||
| CVE-1999-1389 | 1 3com | 1 Total Control Netserver Card | 2024-02-04 | 7.5 HIGH | N/A |
| US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt. | |||||
| CVE-2002-0099 | 1 Michael Lamont | 1 Savant Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters. | |||||
| CVE-2003-0040 | 2 Double Precision Incorporated, Inter7 | 2 Courier Mta, Courier-imap | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. | |||||