Total
254671 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0789 | 9 Axis, Delegate, Dnrd and 6 more | 15 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 12 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. | |||||
CVE-1999-0403 | 1 Cyrix | 1 Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. | |||||
CVE-2002-2321 | 1 Phplinkat | 1 Phplinkat | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | |||||
CVE-2001-1027 | 1 Windowmaker | 1 Windowmaker | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title. | |||||
CVE-2001-0096 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. | |||||
CVE-2003-1327 | 2 Linux, Washington University | 2 Linux Kernel, Wu-ftpd | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. | |||||
CVE-2003-0759 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. | |||||
CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | |||||
CVE-2000-0158 | 1 Sco | 1 Openserver | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||||
CVE-2003-1311 | 1 Netegrity | 1 Siteminder | 2024-02-04 | 6.8 MEDIUM | N/A |
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter. | |||||
CVE-2004-0595 | 4 Avaya, Php, Redhat and 1 more | 8 Converged Communications Server, Integrated Management, S8300 and 5 more | 2024-02-04 | 6.8 MEDIUM | N/A |
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. | |||||
CVE-2003-1303 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. | |||||
CVE-2002-1065 | 1 T. Hauck | 1 Jana Web Server | 2024-02-04 | 7.5 HIGH | N/A |
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing. | |||||
CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | |||||
CVE-2002-2377 | 1 Sephiroth32 | 1 Zap Book | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field. | |||||
CVE-2000-0835 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 5.0 MEDIUM | N/A |
search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter. | |||||
CVE-1999-0039 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. | |||||
CVE-2002-1204 | 1 Netscape | 1 Communicator | 2024-02-04 | 5.0 MEDIUM | N/A |
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | |||||
CVE-2003-0792 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 5.0 MEDIUM | N/A |
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email. | |||||
CVE-2004-0197 | 1 Microsoft | 1 Jet | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query. |