Total
254018 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2039 | 1 Qnx | 1 Rtos | 2024-02-04 | 2.1 LOW | N/A |
/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal. | |||||
CVE-2004-1414 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images. | |||||
CVE-2003-0196 | 5 Compaq, Hp, Samba and 2 more | 7 Tru64, Cifs-9000 Server, Hp-ux and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | |||||
CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | |||||
CVE-2002-1126 | 2 Galeon, Mozilla | 2 Galeon Browser, Mozilla | 2024-02-04 | 2.6 LOW | N/A |
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler. | |||||
CVE-1999-0224 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in Windows NT messenger service through a long username. | |||||
CVE-2000-0661 | 1 Wircsrv | 1 Irc Server | 2024-02-04 | 5.0 MEDIUM | N/A |
WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port. | |||||
CVE-2002-1442 | 1 Google | 1 Toolbar | 2024-02-04 | 7.5 HIGH | N/A |
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check. | |||||
CVE-2001-0598 | 1 Symantec | 1 Norton Ghost | 2024-02-04 | 5.0 MEDIUM | N/A |
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled. | |||||
CVE-2001-1280 | 1 Ipswitch | 1 Imail | 2024-02-04 | 5.0 MEDIUM | N/A |
POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. | |||||
CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2024-02-04 | 2.6 LOW | N/A |
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | |||||
CVE-2002-1588 | 1 Sun | 1 Openwindows | 2024-02-04 | 5.0 MEDIUM | N/A |
Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violation and crash) via a malformed mail attachment. | |||||
CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 7.5 HIGH | N/A |
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | |||||
CVE-2001-0590 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0). | |||||
CVE-2003-0896 | 1 Sun | 1 Jre | 2024-02-04 | 7.5 HIGH | N/A |
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method. | |||||
CVE-1999-1582 | 1 Cisco | 1 Pix Firewall | 2024-02-04 | 7.5 HIGH | N/A |
By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality. | |||||
CVE-2002-0218 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument. | |||||
CVE-2000-0318 | 1 Atrium Software | 1 Mercur Mailserver | 2024-02-04 | 7.5 HIGH | N/A |
Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack. | |||||
CVE-2001-0666 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 2.1 LOW | N/A |
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox. | |||||
CVE-2004-0001 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges. |