Total
265941 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 4.6 MEDIUM | N/A |
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. | |||||
CVE-1999-0004 | 3 Hp, Sco, University Of Washington | 3 Dtmail, Unixware, Pine | 2024-02-28 | 5.0 MEDIUM | N/A |
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. | |||||
CVE-2002-2108 | 1 Sony | 1 Vaio Manual Cybersupport | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-mail. | |||||
CVE-2003-0219 | 1 Kerio | 1 Personal Firewall 2 | 2024-02-28 | 7.5 HIGH | N/A |
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. | |||||
CVE-2002-1616 | 1 Hp | 1 Tru64 | 2024-02-28 | 7.2 HIGH | N/A |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. | |||||
CVE-2002-2146 | 1 Savant | 1 Savant Webserver | 2024-02-28 | 7.5 HIGH | N/A |
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request. | |||||
CVE-2001-1487 | 1 Qualcomm | 1 Qpopper | 2024-02-28 | 4.6 MEDIUM | N/A |
popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option. | |||||
CVE-2000-0825 | 1 Ipswitch | 1 Imail | 2024-02-28 | 5.0 MEDIUM | N/A |
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. | |||||
CVE-2004-0948 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It was a duplicate assignment before public disclosure. Notes: none | |||||
CVE-2002-2141 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 7.5 HIGH | N/A |
BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions. | |||||
CVE-2004-1789 | 1 Zyxel | 1 Zywall10 | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page. | |||||
CVE-2002-0994 | 1 Sun | 1 Sun Pci Ii Driver | 2024-02-28 | 7.5 HIGH | N/A |
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications. | |||||
CVE-2000-1008 | 1 Palm | 1 Palm Os | 2024-02-28 | 4.6 MEDIUM | N/A |
PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | |||||
CVE-2001-0068 | 1 Apple | 1 Mac Os Runtime For Java | 2024-02-28 | 2.6 LOW | N/A |
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. | |||||
CVE-2002-0669 | 1 Pingtel | 1 Xpressa | 2024-02-28 | 5.0 MEDIUM | N/A |
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs. | |||||
CVE-2003-0014 | 1 Bmv | 1 Bmv | 2024-02-28 | 4.6 MEDIUM | N/A |
gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2002-2304 | 1 Myphpsoft | 1 Myphplinks | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter. | |||||
CVE-2004-1984 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full path in a PHP error message. | |||||
CVE-2004-1411 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-28 | 2.6 LOW | N/A |
Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | |||||
CVE-2004-0286 | 1 Robotftp | 1 Robotftp Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username. |