Total
254037 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1698 | 1 Microsoft | 1 Msn Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header. | |||||
CVE-2002-1363 | 1 Greg Roelofs | 1 Libpng | 2024-02-04 | 7.5 HIGH | N/A |
Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | |||||
CVE-2000-1068 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2024-02-04 | 10.0 HIGH | N/A |
pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter. | |||||
CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2024-02-04 | 5.0 MEDIUM | N/A |
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers a null dereference, which allows remote attackers to cause a denial of service (crash). | |||||
CVE-2001-1571 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 5.0 MEDIUM | N/A |
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing. | |||||
CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | |||||
CVE-2003-0860 | 1 Php | 1 Php | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors. | |||||
CVE-2003-0995 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request. | |||||
CVE-2003-0494 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-04 | 10.0 HIGH | N/A |
password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users via a direct request to password.asp with a modified member id. | |||||
CVE-2001-1507 | 1 Openbsd | 1 Openssh | 2024-02-04 | 7.5 HIGH | N/A |
OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. | |||||
CVE-2003-1208 | 1 Oracle | 1 Oracle9i | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions. | |||||
CVE-2002-1247 | 2 Kde, Lisa | 3 Kde, Klisa, Lisa | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | |||||
CVE-2002-2223 | 1 Juniper | 2 Netscreen Remote Security Client, Netscreen Remote Vpn Client | 2024-02-04 | 5.1 MEDIUM | N/A |
Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. | |||||
CVE-2003-0118 | 1 Microsoft | 1 Biztalk Server | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement. | |||||
CVE-2004-1513 | 1 Soft3304 | 1 04webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries. | |||||
CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2024-02-04 | 7.5 HIGH | N/A |
SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
CVE-2001-1019 | 1 Seaglass Technologies Inc. | 1 Sglmerchant | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTML_FILE parameter. | |||||
CVE-1999-0670 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.0 MEDIUM | N/A |
Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | |||||
CVE-2002-1690 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225. | |||||
CVE-2001-0820 | 1 Gaztek | 1 Ghttp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in GazTek ghttpd 1.4 allow a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c. |