Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0040 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2024-02-28 | 10.0 HIGH | N/A |
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. | |||||
CVE-2000-1172 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag. | |||||
CVE-1999-1534 | 1 Knox Software | 1 Arkeia | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. | |||||
CVE-1999-1120 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. | |||||
CVE-2002-0101 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released. | |||||
CVE-2002-0897 | 1 Intranet-server | 1 Localweb2000 | 2024-02-28 | 7.5 HIGH | N/A |
LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. | |||||
CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2024-02-28 | 7.2 HIGH | N/A |
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | |||||
CVE-2002-0463 | 1 Arsc Really Simple Chat | 1 Arsc Really Simple Chat | 2024-02-28 | 5.0 MEDIUM | N/A |
home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message. | |||||
CVE-2003-0508 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. | |||||
CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. | |||||
CVE-2002-0283 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data. | |||||
CVE-2004-1974 | 1 Php Arena | 1 Pafiledb | 2024-02-28 | 5.0 MEDIUM | N/A |
paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.php, (8) file.php, (9) rate.php, or (10) stats.php, which reveals the path in an error message. | |||||
CVE-2002-0209 | 1 Nortel | 1 Alteon Acedirector | 2024-02-28 | 5.0 MEDIUM | N/A |
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. | |||||
CVE-2004-1718 | 1 Pedestal Software | 1 Integrity Protection Driver | 2024-02-28 | 2.1 LOW | N/A |
The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | |||||
CVE-1999-0671 | 1 Toxsoft | 1 Nextftp | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in ToxSoft NextFTP client through CWD command. | |||||
CVE-2003-0642 | 1 Watchguard | 1 Serverlock | 2024-02-28 | 2.1 LOW | N/A |
WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory. | |||||
CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 7.5 HIGH | N/A |
DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | |||||
CVE-2002-0040 | 1 Sgi | 1 Irix | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | |||||
CVE-1999-0834 | 1 Rsa | 1 Rsaref | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | |||||
CVE-2004-1436 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-28 | 7.5 HIGH | N/A |
The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters. |