Total
254094 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1919 | 1 Crackalaka | 1 Crackalaka | 2024-02-04 | 5.0 MEDIUM | N/A |
The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via large malformed strings. | |||||
CVE-1999-0682 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled. | |||||
CVE-2004-0052 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-04 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients. | |||||
CVE-2001-0394 | 1 Oreilly | 1 Website Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory. | |||||
CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||||
CVE-2003-0381 | 1 Norman Ramsey | 1 Noweb | 2024-02-04 | 2.1 LOW | N/A |
Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script. | |||||
CVE-2002-0092 | 1 Cvs | 1 Cvs | 2024-02-04 | 5.0 MEDIUM | N/A |
CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability. | |||||
CVE-2002-1538 | 1 Acuma | 1 Acusend | 2024-02-04 | 5.0 MEDIUM | N/A |
Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable. | |||||
CVE-2002-0559 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name. | |||||
CVE-2004-1856 | 1 Hp | 1 Web Jetadmin | 2024-02-04 | 5.0 MEDIUM | N/A |
devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory. | |||||
CVE-1999-1542 | 1 Redhat | 1 Linux | 2024-02-04 | 10.0 HIGH | N/A |
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. | |||||
CVE-2004-1657 | 1 Newtelligence | 1 Dasblog | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers. | |||||
CVE-2002-0085 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request. | |||||
CVE-2001-0683 | 1 Netscape | 1 Collabra Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | |||||
CVE-2003-0004 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | |||||
CVE-2001-0267 | 1 Hp | 1 Mpe Ix | 2024-02-04 | 7.2 HIGH | N/A |
NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. | |||||
CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | |||||
CVE-1999-0895 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 7.5 HIGH | N/A |
Firewall-1 does not properly restrict access to LDAP attributes. | |||||
CVE-2002-0828 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0862. Reason: This is a duplicate of CVE-2002-0862. Notes: All CVE users should reference CVE-2002-0862 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2002-0082 | 2 Apache-ssl, Mod Ssl | 2 Apache-ssl, Mod Ssl | 2024-02-04 | 7.5 HIGH | N/A |
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session. |