Total
254033 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1383 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | |||||
| CVE-2002-0986 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
| The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy." | |||||
| CVE-2002-1502 | 1 Dave Brul | 1 Xbreaky | 2024-02-04 | 2.1 LOW | N/A |
| Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file. | |||||
| CVE-2000-0523 | 1 Etype | 1 Eserv | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command. | |||||
| CVE-2000-1008 | 1 Palm | 1 Palm Os | 2024-02-04 | 4.6 MEDIUM | N/A |
| PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | |||||
| CVE-2002-2137 | 5 Alloy, D-link, Eusso and 2 more | 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155. | |||||
| CVE-2002-1180 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." | |||||
| CVE-2003-1123 | 1 Sun | 2 Jdk, Jre | 2024-02-04 | 7.5 HIGH | N/A |
| Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. | |||||
| CVE-2003-0139 | 1 Mit | 1 Kerberos | 2024-02-04 | 7.5 HIGH | N/A |
| Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing." | |||||
| CVE-2004-0057 | 1 Lbl | 1 Tcpdump | 2024-02-04 | 5.0 MEDIUM | N/A |
| The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. | |||||
| CVE-1999-0600 | 2024-02-04 | 10.0 HIGH | N/A | ||
| A network intrusion detection system (IDS) does not verify the checksum on a packet. | |||||
| CVE-2001-1035 | 1 Slrn Development Team | 1 Slrn | 2024-02-04 | 7.5 HIGH | N/A |
| Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post. | |||||
| CVE-1999-0482 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| OpenBSD kernel crash through TSS handling, as caused by the crashme program. | |||||
| CVE-2002-1827 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 2.1 LOW | N/A |
| Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files. | |||||
| CVE-2002-1476 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh. | |||||
| CVE-2003-0009 | 1 Microsoft | 2 Windows Me, Windows Xp | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. | |||||
| CVE-2003-0230 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 7.2 HIGH | N/A |
| Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability. | |||||
| CVE-2004-1887 | 1 Ada | 1 Imgsvr | 2024-02-04 | 5.0 MEDIUM | N/A |
| Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null). | |||||
| CVE-2002-1668 | 1 Hp | 3 Hp-ux, Hp-ux Series 700, Hp-ux Series 800 | 2024-02-04 | 2.1 LOW | N/A |
| HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file. | |||||
| CVE-2002-1111 | 1 Mantis | 1 Mantis | 2024-02-04 | 5.0 MEDIUM | N/A |
| print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted. | |||||