Total
253921 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2185 | 6 Debian, Mandrakesoft, Microsoft and 3 more | 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more | 2024-02-04 | 4.9 MEDIUM | N/A |
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | |||||
CVE-2004-1520 | 1 Ipswitch | 1 Imail | 2024-02-04 | 4.6 MEDIUM | N/A |
Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. | |||||
CVE-2001-0081 | 1 Ncipher | 1 Ncipher | 2024-02-04 | 5.0 MEDIUM | N/A |
swinit in nCipher does not properly disable the Operator Card Set recovery feature even when explicitly disabled by the user, which could allow attackers to gain access to application keys. | |||||
CVE-2002-1103 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. | |||||
CVE-2004-0200 | 1 Microsoft | 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | |||||
CVE-2001-0434 | 1 Compaq | 1 Presario | 2024-02-04 | 6.4 MEDIUM | N/A |
The LogDataListToFile ActiveX function used in (1) Knowledge Center and (2) Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service. | |||||
CVE-2002-0424 | 1 Efingerd | 1 Efingerd | 2024-02-04 | 4.6 MEDIUM | N/A |
efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger. | |||||
CVE-1999-0908 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. | |||||
CVE-2000-0163 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file. | |||||
CVE-2002-0561 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings. | |||||
CVE-2002-1044 | 1 Ultrafunk | 1 Popcorn | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field. | |||||
CVE-2002-1462 | 1 Organicphp | 1 Php-affiliate | 2024-02-04 | 5.0 MEDIUM | N/A |
details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. | |||||
CVE-1999-0635 | 2024-02-04 | N/A | N/A | ||
The echo service is running. | |||||
CVE-1999-0861 | 1 Microsoft | 4 Commercial Internet System, Internet Information Server, Site Server and 1 more | 2024-02-04 | 2.6 LOW | N/A |
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. | |||||
CVE-2002-1108 | 1 Cisco | 1 Vpn Client | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel. | |||||
CVE-2001-1110 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2024-02-04 | 5.0 MEDIUM | N/A |
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. | |||||
CVE-2002-0420 | 1 Claymore Systems Inc | 1 Puretls | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions. | |||||
CVE-2002-2384 | 1 Hotfoon Corporation | 1 Hotfoon | 2024-02-04 | 3.6 LOW | N/A |
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. | |||||
CVE-1999-0264 | 1 Miva | 1 Htmlscript | 2024-02-04 | 5.0 MEDIUM | N/A |
htmlscript CGI program allows remote read access to files. | |||||
CVE-1999-1526 | 1 Macromedia | 1 Shockwave Flash Plugin | 2024-02-04 | 5.0 MEDIUM | N/A |
Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia. |