Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0178 | 1 Foundrynet | 1 Serveriron | 2024-02-28 | 7.5 HIGH | N/A |
ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. | |||||
CVE-2002-1223 | 1 Kde | 1 Kde | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | |||||
CVE-1999-0965 | 1 X.org | 1 Xterm | 2024-02-28 | 6.2 MEDIUM | N/A |
Race condition in xterm allows local users to modify arbitrary files via the logging option. | |||||
CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
CVE-2004-0178 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. | |||||
CVE-2002-0136 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript. | |||||
CVE-2002-0696 | 1 Microsoft | 1 Visual Foxpro | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames. | |||||
CVE-2002-1789 | 1 Newsx | 1 Newsx | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function. | |||||
CVE-2002-1833 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2024-02-28 | 7.5 HIGH | N/A |
The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges. | |||||
CVE-1999-1425 | 1 Sun | 1 Solstice Adminsuite | 2024-02-28 | 6.2 MEDIUM | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd. | |||||
CVE-1999-0694 | 1 Ibm | 1 Aix | 2024-02-28 | 2.1 LOW | N/A |
Denial of service in AIX ptrace system call allows local users to crash the system. | |||||
CVE-2004-2131 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2024-02-28 | 7.2 HIGH | N/A |
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. | |||||
CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2024-02-28 | 1.2 LOW | N/A |
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | |||||
CVE-2003-0651 | 1 Mod Mylo | 1 Mod Mylo | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2002-2144 | 1 Free Peers | 1 Bearshare | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters. | |||||
CVE-2001-0867 | 1 Cisco | 1 12000 Router | 2024-02-28 | 7.5 HIGH | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | |||||
CVE-2004-0506 | 2 Ethereal Group, Sgi | 2 Ethereal, Propack | 2024-02-28 | 5.0 MEDIUM | N/A |
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference. | |||||
CVE-2000-0193 | 1 Corel | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. | |||||
CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 6 Linux, Freebsd, Licq and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
CVE-2004-1843 | 1 Expinion.net | 1 Member Management System | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp. |