Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0510 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | |||||
CVE-2000-0797 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. | |||||
CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
CVE-2001-1459 | 1 Openbsd | 1 Openssh | 2024-02-28 | 7.5 HIGH | N/A |
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. | |||||
CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2024-02-28 | 2.6 LOW | N/A |
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. | |||||
CVE-2001-0002 | 1 Microsoft | 2 Internet Explorer, Windows Script Host | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | |||||
CVE-2000-1193 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. | |||||
CVE-2001-0167 | 1 Att | 1 Winvnc | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. | |||||
CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
CVE-2000-0183 | 1 Michael Sandrof | 1 Ircii | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. | |||||
CVE-2002-1231 | 1 Caldera | 2 Openunix, Unixware | 2024-02-28 | 2.1 LOW | N/A |
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc. | |||||
CVE-1999-0572 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 9.3 HIGH | N/A |
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. | |||||
CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||||
CVE-2004-0423 | 1 Ssmtp | 1 Ssmtp | 2024-02-28 | 2.1 LOW | N/A |
The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file. | |||||
CVE-2004-0318 | 1 Platform | 1 Lsf | 2024-02-28 | 10.0 HIGH | N/A |
Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges. | |||||
CVE-2003-0141 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2024-02-28 | 5.1 MEDIUM | N/A |
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | |||||
CVE-2004-2112 | 1 Herberlin | 1 Bremsserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL. | |||||
CVE-2003-0048 | 1 Putty | 1 Putty | 2024-02-28 | 4.6 MEDIUM | N/A |
PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
CVE-2001-1437 | 1 Easyscripts | 1 Easynews | 2024-02-28 | 7.5 HIGH | N/A |
easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out. |