Total
266228 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1293 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-28 | 7.5 HIGH | N/A |
The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method. | |||||
CVE-2004-0309 | 1 Zonelabs | 2 Integrity, Zonealarm | 2024-02-28 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. | |||||
CVE-1999-1442 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments. | |||||
CVE-2002-1320 | 1 University Of Washington | 1 Pine | 2024-02-28 | 5.0 MEDIUM | N/A |
Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). | |||||
CVE-2002-0439 | 1 Caupo.net | 1 Cauposhop | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field. | |||||
CVE-2003-1369 | 1 Save It Software Pty | 1 Bytecatcherftp | 2024-02-28 | 6.8 MEDIUM | N/A |
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | |||||
CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | |||||
CVE-2001-1394 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service. | |||||
CVE-2003-1442 | 1 Ericsson | 1 Hm220dp Adsl Modem | 2024-02-28 | 7.5 HIGH | N/A |
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side. | |||||
CVE-2004-2259 | 1 Beasts | 1 Vsftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | |||||
CVE-2004-0392 | 1 Kame | 1 Racoon | 2024-02-28 | 5.0 MEDIUM | N/A |
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields. | |||||
CVE-2002-0812 | 2 Hpe, Proxim | 6 Compaq Wl310, Compaq Wl310 Firmware, Orinoco Rg-1000 and 3 more | 2024-02-28 | 6.4 MEDIUM | N/A |
Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on, uses a system identification string as a default SNMP read/write community string, which allows remote attackers to obtain and modify sensitive configuration information by querying for the identification string. | |||||
CVE-2000-0394 | 1 Axent | 1 Netprowler | 2024-02-28 | 5.0 MEDIUM | N/A |
NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. | |||||
CVE-2001-0948 | 1 Valicert | 1 Enterprise Validation Authority | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed. | |||||
CVE-2004-1424 | 1 Moodle | 1 Moodle | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
CVE-2000-1132 | 1 Dcscripts | 1 Dcforum | 2024-02-28 | 6.4 MEDIUM | N/A |
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable. | |||||
CVE-2002-0597 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 5.0 MEDIUM | N/A |
LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445. | |||||
CVE-2002-0809 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 7.5 HIGH | N/A |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names. | |||||
CVE-2002-2134 | 1 Peel | 1 Peel | 2024-02-28 | 5.0 MEDIUM | N/A |
haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file. | |||||
CVE-2002-0459 | 1 Linux-sottises | 2 Board-tnk, News-tnk | 2024-02-28 | 7.6 HIGH | N/A |
Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. |