Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1316 | 1 Mozilla | 1 Mozilla | 2024-02-04 | 5.0 MEDIUM | N/A |
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated. | |||||
CVE-2004-0340 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-04 | 7.2 HIGH | N/A |
Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands. | |||||
CVE-2000-1222 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. | |||||
CVE-2001-1575 | 1 Apple | 1 Personal Web Sharing | 2024-02-04 | 5.0 MEDIUM | N/A |
Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow. | |||||
CVE-2000-0619 | 1 Toplayer | 1 Appswitch | 2024-02-04 | 5.0 MEDIUM | N/A |
Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets. | |||||
CVE-2004-0814 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-02-04 | 1.2 LOW | N/A |
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | |||||
CVE-2001-1443 | 1 Kth | 1 Kth Kerberos | 2024-02-04 | 5.0 MEDIUM | N/A |
KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack. | |||||
CVE-2002-0268 | 1 Identix | 1 Biologon | 2024-02-04 | 7.2 HIGH | N/A |
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges. | |||||
CVE-2002-0134 | 1 Avirt | 1 Avirt Gateway Suite | 2024-02-04 | 7.5 HIGH | N/A |
Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command. | |||||
CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2024-02-04 | 5.0 MEDIUM | N/A |
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | |||||
CVE-2001-0449 | 1 Winzip | 1 Winzip | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option. | |||||
CVE-2004-0741 | 1 Lionmax Software | 1 Www File Share Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow. | |||||
CVE-1999-0120 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. | |||||
CVE-2001-0273 | 1 Holger Lamm | 1 Pgp4pine | 2024-02-04 | 2.6 LOW | N/A |
pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext. | |||||
CVE-1999-0807 | 1 Netscape | 1 Directory Server | 2024-02-04 | 7.2 HIGH | N/A |
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. | |||||
CVE-2004-0412 | 1 Gnu | 1 Mailman | 2024-02-04 | 5.0 MEDIUM | N/A |
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
CVE-2004-0217 | 2 Redhat, Symantec | 2 Linux, Antivirus Scan Engine | 2024-02-04 | 3.7 LOW | 7.0 HIGH |
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. | |||||
CVE-2002-0823 | 1 Microsoft | 2 Windows 2000, Windows Help | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter. | |||||
CVE-1999-0963 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. | |||||
CVE-2002-0753 | 1 Talentsoft | 1 Web\+ Server | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. |