Total
254008 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0380 | 1 Atftpd | 1 Atftpd | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename. | |||||
CVE-2002-2127 | 1 Pedestal Software | 1 Integrity Protection Driver | 2024-02-04 | 2.1 LOW | N/A |
Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink. | |||||
CVE-2004-2149 | 1 Oracle | 1 Mysql | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. | |||||
CVE-2001-0173 | 2 Nobreak Technologies, Qdecoder | 2 Crazywwwboard, Qdecoder | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header. | |||||
CVE-2003-1387 | 1 Opera | 1 Opera Browser | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username. | |||||
CVE-2001-0888 | 3 Atmel, Linksys, Netgear | 3 Firmware, Wap11, Me102 | 2024-02-04 | 5.0 MEDIUM | N/A |
Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests. | |||||
CVE-2001-0483 | 1 Symantec | 1 Raptor Firewall | 2024-02-04 | 7.5 HIGH | N/A |
Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set. | |||||
CVE-2002-1632 | 1 Oracle | 1 Application Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2. | |||||
CVE-2004-0711 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 7.5 HIGH | N/A |
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if they were the legal "/*" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected. | |||||
CVE-2000-0329 | 1 Microsoft | 4 Ie, Internet Explorer, Outlook and 1 more | 2024-02-04 | 5.1 MEDIUM | N/A |
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | |||||
CVE-2002-1029 | 1 Worldspan | 1 Res Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990. | |||||
CVE-2000-0609 | 1 Netwin | 2 Cwmail, Dmailweb | 2024-02-04 | 5.0 MEDIUM | N/A |
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter. | |||||
CVE-2002-1072 | 1 Zyxel | 1 Prestige | 2024-02-04 | 5.0 MEDIUM | N/A |
ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet. | |||||
CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2024-02-04 | 7.2 HIGH | N/A |
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | |||||
CVE-2002-2004 | 1 Compaq | 1 Tru64 | 2024-02-04 | 5.0 MEDIUM | N/A |
portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets. | |||||
CVE-1999-0382 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. | |||||
CVE-2004-0435 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 3.6 LOW | N/A |
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | |||||
CVE-2003-0708 | 1 Tomi Manninen | 1 Linuxnode | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
CVE-2002-0278 | 1 Add2it | 1 Mailman Free | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a .. (dot dot) in the list parameter. | |||||
CVE-2004-1236 | 1 Netscape | 1 Directory Server | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code. |