Total
266071 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1503 | 1 Nfr | 1 Nfr | 2024-02-28 | 5.0 MEDIUM | N/A |
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. | |||||
CVE-1999-0165 | 3 Bsdi, Linux, Sun | 5 Bsd Os, Linux Kernel, Nfs and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
NFS cache poisoning. | |||||
CVE-1999-1326 | 1 Washington University | 1 Wu-ftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | |||||
CVE-2003-0774 | 1 Sane | 2 Sane, Sane-backend | 2024-02-28 | 7.5 HIGH | N/A |
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. | |||||
CVE-2004-1890 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via the PORT mode. | |||||
CVE-2002-1095 | 1 Cisco | 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set. | |||||
CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. | |||||
CVE-2003-0785 | 1 Brian Bassett | 1 Ipmasq | 2024-02-28 | 7.5 HIGH | N/A |
ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering. | |||||
CVE-2001-0332 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2024-02-28 | 6.2 MEDIUM | N/A |
Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | |||||
CVE-2001-0919 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.1 MEDIUM | N/A |
Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. | |||||
CVE-2002-0695 | 1 Microsoft | 2 Data Access Components, Microsoft Data Access Components | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command. | |||||
CVE-2002-0867 | 1 Microsoft | 1 Virtual Machine | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." | |||||
CVE-2004-0920 | 1 Symantec | 1 Norton Antivirus | 2024-02-28 | 5.0 MEDIUM | N/A |
Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name. | |||||
CVE-2000-1053 | 1 Macromedia | 1 Jrun | 2024-02-28 | 10.0 HIGH | N/A |
Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. | |||||
CVE-2003-0558 | 1 Leapware | 1 Leapftp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request. | |||||
CVE-2002-1891 | 1 Ayman Akt | 1 Ircit | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request. | |||||
CVE-2001-0544 | 1 Microsoft | 1 Internet Information Services | 2024-02-28 | 2.1 LOW | N/A |
IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. | |||||
CVE-2000-0125 | 1 Wired Community Software | 1 Wwwthreads | 2024-02-28 | 7.5 HIGH | N/A |
wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. | |||||
CVE-2002-1441 | 1 Tomahawk Technologies | 1 Steelarrow | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request. |