Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0031 | 1 Mcrypt | 1 Libmcrypt | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). | |||||
CVE-2001-1425 | 1 Alcatel | 1 Speed Touch Home | 2024-02-04 | 7.5 HIGH | N/A |
The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login. | |||||
CVE-2001-0557 | 1 T. Hauck | 1 Jana Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e). | |||||
CVE-1999-0073 | 2 Digital, Sgi | 3 Osf 1, Unix, Irix | 2024-02-04 | 10.0 HIGH | N/A |
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. | |||||
CVE-2001-0859 | 1 Redhat | 1 Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. | |||||
CVE-2003-0943 | 1 Sap | 1 Sap Db | 2024-02-04 | 7.5 HIGH | N/A |
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm). | |||||
CVE-2002-0909 | 1 Matsushita Research | 1 Mnews | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER. | |||||
CVE-2003-0761 | 1 Digium | 1 Asterisk | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | |||||
CVE-1999-0523 | 2024-02-04 | N/A | N/A | ||
ICMP echo (ping) is allowed from arbitrary hosts. | |||||
CVE-2000-0971 | 1 Avirt | 1 Avirt Mail Server | 2024-02-04 | 10.0 HIGH | N/A |
Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long "RCPT TO" or "MAIL FROM" command. | |||||
CVE-2002-2157 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1660. Reason: This candidate is a duplicate of CVE-2002-1660. Notes: All CVE users should reference CVE-2002-1660 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2000-0279 | 1 Be | 1 Beos | 2024-02-04 | 5.0 MEDIUM | N/A |
BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. | |||||
CVE-2003-0767 | 1 Gamespy | 2 Roger Wilco Dedicated Server, Roger Wilco Graphical Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial of service and execute arbitrary code via a client request with a large length value. | |||||
CVE-2003-1452 | 1 Qualcomm | 1 Qpopper | 2024-02-04 | 3.6 LOW | N/A |
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. | |||||
CVE-2004-0844 | 1 Microsoft | 1 Ie | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability." | |||||
CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2024-02-04 | 5.0 MEDIUM | N/A |
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
CVE-2000-1219 | 1 Gnu | 2 G\+\+, Gcc | 2024-02-04 | 7.5 HIGH | N/A |
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows. | |||||
CVE-2001-1196 | 1 Webmin | 1 Webmin | 2024-02-04 | 10.0 HIGH | N/A |
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. | |||||
CVE-2001-0304 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request. | |||||
CVE-2004-1781 | 1 Info Touch | 1 Surfnet | 2024-02-04 | 4.6 MEDIUM | N/A |
Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command. |