Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | |||||
CVE-1999-0940 | 1 Mutt | 1 Mutt Mail Client | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. | |||||
CVE-1999-0534 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. | |||||
CVE-2002-1908 | 1 Microsoft | 1 Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters. | |||||
CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2024-02-28 | 7.5 HIGH | N/A |
SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | |||||
CVE-2004-0247 | 1 Cauldron | 2 Chaser Client, Chaser Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory. | |||||
CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2024-02-28 | 5.0 MEDIUM | N/A |
SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | |||||
CVE-2002-0318 | 1 Freeradius | 1 Freeradius | 2024-02-28 | 5.0 MEDIUM | N/A |
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | |||||
CVE-2002-2158 | 1 Zendocs | 1 Zentrack | 2024-02-28 | 5.0 MEDIUM | N/A |
zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message. | |||||
CVE-2004-2052 | 1 Esesix | 1 Thintune | 2024-02-28 | 7.5 HIGH | N/A |
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing. | |||||
CVE-2004-0651 | 1 Sun | 2 Jre, Sdk | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). | |||||
CVE-2004-1826 | 1 Mambo | 1 Mambo Open Source 4.5 | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-1999-1200 | 1 Vintra Systems | 1 Smtp Mailserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command. | |||||
CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2024-02-28 | 7.5 HIGH | N/A |
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
CVE-2004-1581 | 1 Blackboard | 1 Blackboard | 2024-02-28 | 5.0 MEDIUM | N/A |
BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | |||||
CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||||
CVE-2003-0429 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.5 HIGH | N/A |
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. | |||||
CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
CVE-2001-1541 | 1 Bsdi | 1 Bsd Os | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument. | |||||
CVE-2004-1709 | 1 Datakey | 1 Rainbow Ikey2032 Usb Token | 2024-02-28 | 2.1 LOW | N/A |
Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users. |