Total
253847 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1812 | 1 Broadcom | 1 Unicenter Tng | 2024-02-04 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code. | |||||
CVE-2001-0299 | 1 Nokia | 1 Ip440 Firewall Vpn Appliance | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | |||||
CVE-2001-0272 | 1 W3.org | 1 Sendtemp.pl | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter. | |||||
CVE-2004-0700 | 2 Gentoo, Mod Ssl | 2 Linux, Mod Ssl | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | |||||
CVE-2000-0292 | 1 Adtran | 1 Mx2800 | 2024-02-04 | 5.0 MEDIUM | N/A |
The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. | |||||
CVE-2004-0215 | 2 Avaya, Microsoft | 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. | |||||
CVE-2000-0967 | 1 Php | 1 Php | 2024-02-04 | 10.0 HIGH | N/A |
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | |||||
CVE-1999-0302 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. | |||||
CVE-2001-1134 | 1 Xerox | 1 Docuprint N40 | 2024-02-04 | 5.0 MEDIUM | N/A |
Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm. | |||||
CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2024-02-04 | 6.4 MEDIUM | N/A |
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | |||||
CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2024-02-04 | 10.0 HIGH | N/A |
FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | |||||
CVE-2001-0041 | 1 Cisco | 1 Catos | 2024-02-04 | 7.8 HIGH | N/A |
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | |||||
CVE-2003-0692 | 1 Kde | 1 Kde | 2024-02-04 | 7.5 HIGH | N/A |
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | |||||
CVE-2004-0465 | 1 Openconnect | 1 Webconnect | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter. | |||||
CVE-2004-0727 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | |||||
CVE-2002-1197 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail. | |||||
CVE-2002-1430 | 1 Synthetic Reality | 1 Sympoll | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters. | |||||
CVE-1999-0272 | 1 Slmail | 1 Slmail | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in Slmail v2.5 through the POP3 port. | |||||
CVE-2001-0518 | 1 Oracle | 1 Oracle9i | 2024-02-04 | 5.0 MEDIUM | N/A |
Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang. | |||||
CVE-2004-0592 | 1 Suse | 1 Suse Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626. |