Total
254124 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1243 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2004. Notes: none. | |||||
| CVE-2004-0688 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
| CVE-2001-1488 | 1 Open Projects Network | 1 Open Projects Network Ircd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon. | |||||
| CVE-2000-0152 | 1 Novell | 1 Bordermanager | 2024-02-04 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000. | |||||
| CVE-2002-0685 | 1 Pgp | 3 Desktop Security, Freeware, Personal Security | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message. | |||||
| CVE-2002-0289 | 1 Bbshareware.com | 1 Phusion Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long HTTP request. | |||||
| CVE-1999-0234 | 5 Caldera, Redhat, Sgi and 2 more | 5 Openlinux, Linux, Irix and 2 more | 2024-02-04 | 4.6 MEDIUM | N/A |
| Bash treats any character with a value of 255 as a command separator. | |||||
| CVE-2003-1366 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 3.3 LOW | N/A |
| chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. | |||||
| CVE-2002-1085 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities. | |||||
| CVE-2002-1275 | 1 Html2ps Project | 1 Html2ps | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input." | |||||
| CVE-2003-0304 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2024-02-04 | 10.0 HIGH | N/A |
| one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. | |||||
| CVE-2001-0463 | 1 Acme Labs | 1 Perlcal | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter. | |||||
| CVE-2002-0713 | 1 Squid | 1 Squid | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. | |||||
| CVE-1999-1486 | 1 Ibm | 1 Aix | 2024-02-04 | 1.2 LOW | N/A |
| sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-1043 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
| CVE-2001-0903 | 1 Intel | 1 High-bandwidth Digital Content Protection | 2024-02-04 | 7.5 HIGH | N/A |
| Linear key exchange process in High-bandwidth Digital Content Protection (HDCP) System allows remote attackers to access data as plaintext, avoid device blacklists, clone devices, and create new device keyvectors by computing and using alternate key combinations for authentication. | |||||
| CVE-2004-0230 | 6 Juniper, Mcafee, Netbsd and 3 more | 7 Junos, Network Data Loss Prevention, Netbsd and 4 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | |||||
| CVE-2002-0914 | 1 Double Precision Incorporated | 1 Courier Mta | 2024-02-04 | 5.0 MEDIUM | N/A |
| Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop. | |||||
| CVE-1999-0915 | 1 Pacific Software | 1 Url Live | 2024-02-04 | 5.0 MEDIUM | N/A |
| URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2024-02-04 | 5.0 MEDIUM | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | |||||