Total
240214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0363 | 1 Symantec | 1 Norton Antispam | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method. | |||||
CVE-2003-0581 | 1 Xfstt | 1 Xfstt | 2024-02-04 | 7.5 HIGH | N/A |
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access. | |||||
CVE-1999-0927 | 1 Gordano | 1 Ntmail | 2024-02-04 | 5.0 MEDIUM | N/A |
NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-1999-0731 | 1 Caldera | 1 Openlinux | 2024-02-04 | 4.6 MEDIUM | N/A |
The KDE klock program allows local users to unlock a session using malformed input. | |||||
CVE-1999-1482 | 1 Svgalib | 1 Zgv | 2024-02-04 | 7.2 HIGH | N/A |
SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. | |||||
CVE-2001-1284 | 1 Ipswitch | 1 Imail | 2024-02-04 | 7.5 HIGH | N/A |
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. | |||||
CVE-2003-1081 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. | |||||
CVE-2004-0875 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to the wiki module. | |||||
CVE-2004-1383 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details.php. | |||||
CVE-2002-0907 | 1 Nullsoft | 1 Shoutcast Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". | |||||
CVE-2000-0015 | 1 Ascend | 1 Cascadeview Ux | 2024-02-04 | 4.6 MEDIUM | N/A |
CascadeView TFTP server allows local users to gain privileges via a symlink attack. | |||||
CVE-1999-0501 | 2024-02-04 | 4.6 MEDIUM | N/A | ||
A Unix account has a guessable password. | |||||
CVE-2001-0278 | 1 Hp | 1 Mpe Ix | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. | |||||
CVE-2002-1424 | 1 John G. Myers | 1 Mpack | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2001-1531 | 1 Apple | 1 Claris Emailer | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename. | |||||
CVE-2004-1854 | 1 Picophone | 1 Internet Telephone | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet. | |||||
CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2024-02-04 | 7.5 HIGH | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | |||||
CVE-1999-0566 | 1 Ibm | 1 Aix | 2024-02-04 | 5.0 MEDIUM | N/A |
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||||
CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2024-02-04 | 5.0 MEDIUM | N/A |
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | |||||
CVE-2004-0423 | 1 Ssmtp | 1 Ssmtp | 2024-02-04 | 2.1 LOW | N/A |
The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file. |