Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5916 | 1 Intego | 1 Virusbarrier | 2018-08-13 | 5.0 MEDIUM | N/A |
| Intego VirusBarrier X4 allows context-dependent attackers to bypass virus protection by quickly injecting many infected files into the filesystem, which prevents VirusBarrier from processing all the files. | |||||
| CVE-2015-2342 | 1 Vmware | 1 Vcenter Server | 2018-08-12 | 10.0 HIGH | N/A |
| The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol. | |||||
| CVE-2015-3218 | 1 Polkit Project | 1 Polkit | 2018-07-18 | 2.1 LOW | N/A |
| The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path. | |||||
| CVE-2016-9391 | 1 Jasper Project | 1 Jasper | 2018-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer. | |||||
| CVE-2016-9393 | 1 Jasper Project | 1 Jasper | 2018-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||||
| CVE-2016-9388 | 1 Jasper Project | 1 Jasper | 2018-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | |||||
| CVE-2012-6701 | 1 Linux | 1 Linux Kernel | 2018-06-20 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. | |||||
| CVE-2016-3963 | 1 Siemens | 1 Scalance S613 | 2018-05-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| Siemens SCALANCE S613 allows remote attackers to cause a denial of service (web-server outage) via traffic to TCP port 443. | |||||
| CVE-2004-0427 | 1 Linux | 1 Linux Kernel | 2018-05-03 | 2.1 LOW | N/A |
| The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call. | |||||
| CVE-2004-1316 | 1 Mozilla | 1 Mozilla | 2018-05-03 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated. | |||||
| CVE-2004-0424 | 3 Linux, Sgi, Slackware | 3 Linux Kernel, Propack, Slackware Linux | 2018-05-03 | 7.2 HIGH | N/A |
| Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||||
| CVE-2004-0261 | 1 Openjournal | 1 Openjournal | 2018-05-03 | 10.0 HIGH | N/A |
| oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to bypass authentication and access the control panel via a 0 in the uid parameter. | |||||
| CVE-2005-0525 | 1 Php | 1 Php | 2018-05-03 | 5.0 MEDIUM | N/A |
| The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | |||||
| CVE-2004-0541 | 1 National Science Foundation | 1 Squid Web Proxy Cache | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). | |||||
| CVE-2005-0524 | 1 Php | 1 Php | 2018-05-03 | 5.0 MEDIUM | N/A |
| The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. | |||||
| CVE-2004-1137 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2018-05-03 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. | |||||
| CVE-2004-0188 | 1 Calife | 1 Calife | 2018-05-03 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password. | |||||
| CVE-2005-0399 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2018-05-03 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. | |||||
| CVE-2005-0401 | 1 Mozilla | 2 Firefox, Mozilla | 2018-05-03 | 5.1 MEDIUM | N/A |
| FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2." | |||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2018-05-03 | 2.1 LOW | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | |||||
| CVE-2004-1016 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2018-05-03 | 2.1 LOW | N/A |
| The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | |||||
| CVE-2000-0534 | 1 Aps Filter Development Team | 1 Apsfilter | 2018-05-03 | 4.6 MEDIUM | N/A |
| The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user. | |||||
| CVE-1999-0305 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. | |||||
| CVE-1999-0052 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | |||||
| CVE-2000-0005 | 1 Hp | 3 9000, Aserver, Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. | |||||
| CVE-1999-1265 | 1 Seatle Lab Software | 1 Slmail | 2018-05-03 | 5.0 MEDIUM | N/A |
| SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO. | |||||
| CVE-2000-0149 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL. | |||||
| CVE-1999-0934 | 2018-05-03 | 5.0 MEDIUM | N/A | ||
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. | |||||
| CVE-1999-1205 | 1 Hp | 1 Hp-ux | 2018-05-03 | 2.1 LOW | N/A |
| nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information. | |||||
| CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2018-05-03 | 10.0 HIGH | N/A |
| The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
| CVE-2000-0165 | 1 Etl | 1 Delegate | 2018-05-03 | 7.5 HIGH | N/A |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | |||||
| CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2018-05-03 | 7.2 HIGH | N/A |
| makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
| CVE-1999-0059 | 1 Sgi | 1 Irix | 2018-05-03 | 7.1 HIGH | N/A |
| IRIX fam service allows an attacker to obtain a list of all files on the server. | |||||
| CVE-2000-0670 | 1 Cvsweb Developer | 1 Cvsweb | 2018-05-03 | 7.2 HIGH | N/A |
| The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0094 | 1 Netbsd | 1 Netbsd | 2018-05-03 | 7.2 HIGH | N/A |
| procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr. | |||||
| CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | |||||
| CVE-2000-0212 | 1 Pragma Systems | 1 Interaccess Telnetd Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information. | |||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 10.0 HIGH | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | |||||
| CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | |||||
| CVE-1999-0751 | 1 Netscape | 1 Enterprise Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. | |||||
| CVE-1999-0884 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| The Zeus web server administrative interface uses weak encryption for its passwords. | |||||
| CVE-1999-0710 | 1 Redhat | 1 Linux | 2018-05-03 | 7.5 HIGH | N/A |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | |||||
| CVE-1999-1147 | 1 Platinum | 1 Policy Compliance Manager | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. | |||||
| CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2018-05-03 | 5.0 MEDIUM | N/A |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | |||||
| CVE-1999-0108 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| The printers program in IRIX has a buffer overflow that gives root access to local users. | |||||
| CVE-1999-0112 | 2 Cde, Ibm | 2 Cde, Aix | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in AIX dtterm program for the CDE. | |||||
| CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2018-05-03 | 7.2 HIGH | N/A |
| Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 10.0 HIGH | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2018-05-03 | 5.0 MEDIUM | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | |||||
| CVE-1999-0146 | 1 Ncsa | 2 Campas, Servers | 2018-05-03 | 7.5 HIGH | N/A |
| The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file. | |||||