Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0558 | 1 Easy Software Products | 1 Cups | 2024-02-04 | 5.0 MEDIUM | N/A |
The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port. | |||||
CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
CVE-2002-0774 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-04 | 10.0 HIGH | N/A |
Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed. | |||||
CVE-2002-2350 | 1 Phpoutsourcing | 1 Zorum | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter. | |||||
CVE-2003-1266 | 1 Etype | 1 Eserv | 2024-02-04 | 5.0 MEDIUM | N/A |
The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | |||||
CVE-2001-0444 | 1 Cisco | 1 Cbos | 2024-02-04 | 2.1 LOW | N/A |
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||||
CVE-2002-0187 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag." | |||||
CVE-2002-1017 | 1 Adobe | 1 Digital Editions | 2024-02-04 | 2.1 LOW | N/A |
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. | |||||
CVE-2004-0601 | 1 Distcc | 1 Distcc | 2024-02-04 | 7.5 HIGH | N/A |
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions. | |||||
CVE-2001-0936 | 1 Frox | 1 Frox | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request. | |||||
CVE-2004-1049 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-04 | 5.1 MEDIUM | N/A |
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | |||||
CVE-2001-1292 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 7.5 HIGH | N/A |
Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. | |||||
CVE-2004-1398 | 1 Roxio | 1 Toast | 2024-02-04 | 4.6 MEDIUM | N/A |
Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument. | |||||
CVE-1999-0821 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. | |||||
CVE-2002-0703 | 1 Gisle Aas | 1 Digest-md5 | 2024-02-04 | 7.5 HIGH | N/A |
An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | |||||
CVE-2004-1674 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2024-02-04 | 7.5 HIGH | N/A |
viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to (1) delete arbitrary files via the originalfolder parameter or (2) move arbitrary files via the messageid parameter. | |||||
CVE-2004-2006 | 1 Trend Micro | 1 Officescan | 2024-02-04 | 4.6 MEDIUM | N/A |
Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. | |||||
CVE-1999-1457 | 1 Thttpd | 1 Thttpd Http Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function. | |||||
CVE-2004-0729 | 1 Phpbb Group | 1 Phpbb | 2024-02-04 | 5.0 MEDIUM | N/A |
PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message. | |||||
CVE-2002-0967 | 1 Edonkey2000 | 1 Edonkey 2000 Client | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL. |