Total
265818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1229 | 2 Icecast, Libshout | 2 Icecast, Libshout | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | |||||
| CVE-1999-1103 | 1 Digital | 1 Osf 1 | 2024-02-28 | 4.6 MEDIUM | N/A |
| dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | |||||
| CVE-2002-1097 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 7.5 HIGH | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages. | |||||
| CVE-1999-0445 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
| In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||||
| CVE-2003-0287 | 1 Six Apart | 1 Movable Type | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions including 2.63, allows remote attackers to insert arbitrary web script or HTML via the Name textbox, possibly when the "Allow HTML in comments?" option is enabled. | |||||
| CVE-2002-0377 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 2.1 LOW | N/A |
| Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. | |||||
| CVE-2004-0612 | 1 Zonelabs | 1 Zonealarm | 2024-02-28 | 5.1 MEDIUM | N/A |
| The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification. | |||||
| CVE-2004-0370 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
| The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic. | |||||
| CVE-2001-1234 | 1 Gallery Project | 1 Gallery | 2024-02-28 | 7.5 HIGH | N/A |
| Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | |||||
| CVE-2003-0209 | 2 Smoothwall, Sourcefire | 2 Smoothwall, Snort | 2024-02-28 | 10.0 HIGH | N/A |
| Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow. | |||||
| CVE-2002-1254 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." | |||||
| CVE-1999-1254 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | |||||
| CVE-2002-1292 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-28 | 7.5 HIGH | N/A |
| The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by modifying the (1) deniedDefinitionPackages or (2) deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running. | |||||
| CVE-2000-0472 | 1 Isc | 1 Inn | 2024-02-28 | 3.6 LOW | N/A |
| Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | |||||
| CVE-2002-0800 | 1 Working Resources Inc. | 1 Badblue | 2024-02-28 | 5.0 MEDIUM | N/A |
| BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. | |||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2024-02-28 | 4.6 MEDIUM | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | |||||
| CVE-1999-0230 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in Cisco 7xx routers through the telnet service. | |||||
| CVE-2004-1794 | 1 Vcard4j | 1 Vcard4j | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard. | |||||
| CVE-2003-1356 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | |||||
| CVE-2002-0429 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 3.6 LOW | N/A |
| The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | |||||