Total
11643 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2196 | 1 Samba | 1 Samba | 2024-11-20 | 7.5 HIGH | N/A |
| Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
| CVE-2002-1401 | 1 Postgresql | 1 Postgresql | 2024-11-20 | 6.5 MEDIUM | N/A |
| Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | |||||
| CVE-2002-1365 | 1 Fetchmail | 1 Fetchmail | 2024-11-20 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | |||||
| CVE-2002-1357 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-11-20 | 10.0 HIGH | N/A |
| Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | |||||
| CVE-2002-1222 | 1 Cisco | 1 Catos | 2024-11-20 | 7.1 HIGH | N/A |
| Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | |||||
| CVE-2002-1200 | 1 Oneidentity | 1 Syslog-ng | 2024-11-20 | 7.5 HIGH | N/A |
| Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-1174 | 1 Fetchmail | 1 Fetchmail | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function. | |||||
| CVE-2002-0813 | 1 Cisco | 1 Ios | 2024-11-20 | 7.1 HIGH | N/A |
| Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | |||||
| CVE-2002-0649 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-11-20 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm. | |||||
| CVE-2002-0070 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2024-11-20 | 7.6 HIGH | N/A |
| Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | |||||
| CVE-2002-0053 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. | |||||
| CVE-2001-1587 | 1 Novell | 1 Netware | 2024-11-20 | 5.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. | |||||
| CVE-2001-1582 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 7.2 HIGH | N/A |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | |||||
| CVE-2001-1539 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem. | |||||
| CVE-2001-1456 | 4 Mcafee, Network Associates, Pgp and 1 more | 5 Webshield Smtp, Gauntlet Firewall, Mcafee E-ppliance and 2 more | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | |||||
| CVE-2001-0819 | 1 Fetchmail | 1 Fetchmail | 2024-11-20 | 7.5 HIGH | N/A |
| A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header. | |||||
| CVE-2001-0803 | 1 Open Group | 1 Cde Common Desktop Environment | 2024-11-20 | 10.0 HIGH | N/A |
| Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0775 | 2 Xli, Xloadimage | 2 Xli, Xloadimage | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field. | |||||
| CVE-2001-0629 | 1 Hp | 1 Openview Network Node Manager | 2024-11-20 | 10.0 HIGH | N/A |
| HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter. | |||||
| CVE-2001-0576 | 1 Sco | 1 Openserver | 2024-11-20 | 4.6 MEDIUM | N/A |
| lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter. | |||||