Total
254008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1854 | 1 Picophone | 1 Internet Telephone | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet. | |||||
| CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2024-02-04 | 7.5 HIGH | N/A |
| Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | |||||
| CVE-1999-0566 | 1 Ibm | 1 Aix | 2024-02-04 | 5.0 MEDIUM | N/A |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||||
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2024-02-04 | 5.0 MEDIUM | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | |||||
| CVE-2004-0423 | 1 Ssmtp | 1 Ssmtp | 2024-02-04 | 2.1 LOW | N/A |
| The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file. | |||||
| CVE-1999-0447 | 1 Hp | 1 Mpe Ix | 2024-02-04 | 4.6 MEDIUM | N/A |
| Local users can gain privileges using the debug utility in the MPE/iX operating system. | |||||
| CVE-2002-2277 | 1 Portail Web Php | 1 Portail Web Php | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables. | |||||
| CVE-2004-0428 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | |||||
| CVE-2002-0145 | 1 Scott Parish | 1 Chuid | 2024-02-04 | 7.5 HIGH | N/A |
| chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. | |||||
| CVE-1999-1312 | 1 Dec | 2 Dec Openvms Axp, Dec Openvms Vax | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges. | |||||
| CVE-1999-0055 | 2 Ibm, Sun | 3 Aix, Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflows in Sun libnsl allow root access. | |||||
| CVE-2003-0714 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 7.5 HIGH | N/A |
| The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. | |||||
| CVE-2004-0249 | 1 Phpx | 1 Phpx | 2024-02-04 | 10.0 HIGH | N/A |
| PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the cookie's PXL variable to reference another userID. | |||||
| CVE-2004-2035 | 1 Minishare | 1 Minimal Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | |||||
| CVE-2001-1088 | 1 Microsoft | 2 Outlook, Outlook Express | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user. | |||||
| CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2024-02-04 | 5.0 MEDIUM | N/A |
| faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | |||||
| CVE-2004-0754 | 1 Rob Flynn | 1 Gaim | 2024-02-04 | 7.5 HIGH | N/A |
| Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | |||||
| CVE-2003-0780 | 3 Conectiva, Mysql, Oracle | 3 Linux, Mysql, Mysql | 2024-02-04 | 9.0 HIGH | N/A |
| Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | |||||
| CVE-2002-0230 | 1 Faq-o-matic | 1 Faq-o-matic | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message. | |||||
| CVE-2001-0860 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
| Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). | |||||