Total
259238 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0524 | 1 Thiago Melo De Paula | 1 Change Passwd | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name. | |||||
| CVE-2004-1360 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
| Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | |||||
| CVE-2002-2413 | 2 Deerfield, Microsoft | 3 Website Pro, Windows 9x, Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name. | |||||
| CVE-2004-1715 | 1 Clearswift | 1 Mimesweeper For Web | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL. | |||||
| CVE-2004-0541 | 1 National Science Foundation | 1 Squid Web Proxy Cache | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). | |||||
| CVE-2003-0887 | 1 Angus Mackay | 1 Ez-ipupdate | 2024-02-04 | 2.1 LOW | N/A |
| ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file. | |||||
| CVE-2004-1563 | 1 W-agora | 1 W-agora | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the (1) thread parameter to download_thread.php, (2) loginuser parameter to login.php, or (3) userid parameter to forgot_password.php. | |||||
| CVE-2002-0873 | 1 L2tpd | 1 L2tpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow. | |||||
| CVE-2002-0812 | 2 Hpe, Proxim | 6 Compaq Wl310, Compaq Wl310 Firmware, Orinoco Rg-1000 and 3 more | 2024-02-04 | 6.4 MEDIUM | N/A |
| Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on, uses a system identification string as a default SNMP read/write community string, which allows remote attackers to obtain and modify sensitive configuration information by querying for the identification string. | |||||
| CVE-2004-0804 | 1 Libtiff | 1 Libtiff | 2024-02-04 | 4.3 MEDIUM | N/A |
| Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. | |||||
| CVE-2002-1196 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
| editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to users via known features of Perl math that set multiple bits. | |||||
| CVE-2004-0388 | 1 Oracle | 1 Mysql | 2024-02-04 | 2.1 LOW | N/A |
| The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2003-1370 | 1 Nuked-klan | 1 Nuked-klan | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module. | |||||
| CVE-2002-1026 | 1 Macromedia | 1 Sitespring | 2024-02-04 | 5.0 MEDIUM | N/A |
| Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. | |||||
| CVE-2001-0152 | 1 Microsoft | 1 Plus | 2024-02-04 | 2.1 LOW | N/A |
| The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders. | |||||
| CVE-2002-0163 | 1 Squid | 1 Squid | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses. | |||||
| CVE-2000-0378 | 1 Redhat | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
| The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. | |||||
| CVE-2003-1442 | 1 Ericsson | 1 Hm220dp Adsl Modem | 2024-02-04 | 7.5 HIGH | N/A |
| The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side. | |||||
| CVE-2001-0762 | 1 Su-wrapper | 1 Su-wrapper | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument. | |||||
| CVE-2004-1752 | 1 Nakedsoft | 1 Gaucho | 2024-02-04 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header. | |||||