Total
266147 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2131 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2024-02-28 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. | |||||
| CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2024-02-28 | 1.2 LOW | N/A |
| AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | |||||
| CVE-2003-0651 | 1 Mod Mylo | 1 Mod Mylo | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2003-1339 | 1 Ezmeeting | 1 Ezmeeting | 2024-02-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. | |||||
| CVE-2002-2144 | 1 Free Peers | 1 Bearshare | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters. | |||||
| CVE-2001-0867 | 1 Cisco | 1 12000 Router | 2024-02-28 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | |||||
| CVE-2002-2245 | 1 Netbsd | 1 Ftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session. | |||||
| CVE-2004-0506 | 2 Ethereal Group, Sgi | 2 Ethereal, Propack | 2024-02-28 | 5.0 MEDIUM | N/A |
| The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference. | |||||
| CVE-2000-0193 | 1 Corel | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
| The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. | |||||
| CVE-2004-0421 | 4 Libpng, Openpkg, Redhat and 1 more | 6 Libpng, Openpkg, Enterprise Linux and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | |||||
| CVE-2000-0305 | 2 Be, Microsoft | 6 Beos, Terminal Server, Windows 2000 and 3 more | 2024-02-28 | 7.8 HIGH | N/A |
| Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. | |||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 6 Linux, Freebsd, Licq and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-2004-1843 | 1 Expinion.net | 1 Member Management System | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp. | |||||
| CVE-2000-0189 | 1 Allaire | 1 Coldfusion Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. | |||||
| CVE-1999-0079 | 1 Bisonware | 1 Bisonware Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. | |||||
| CVE-2001-0380 | 1 Crosscom Olicom | 1 Xlt-f | 2024-02-28 | 6.4 MEDIUM | N/A |
| Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'. | |||||
| CVE-2001-0904 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. | |||||
| CVE-2004-2220 | 1 F-secure | 1 F-secure Anti-virus | 2024-02-28 | 5.0 MEDIUM | N/A |
| F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | |||||
| CVE-2002-0100 | 1 Aol | 1 Aol Server | 2024-02-28 | 7.5 HIGH | N/A |
| AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file. | |||||
| CVE-2003-1376 | 1 Winzip | 1 Winzip | 2024-02-28 | 4.6 MEDIUM | N/A |
| WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. | |||||