Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0094 | 1 Xfree86 Project | 1 X11r6 | 2017-10-10 | 7.5 HIGH | N/A |
| Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||||
| CVE-2003-0093 | 1 Lbl | 1 Tcpdump | 2017-10-10 | 5.0 MEDIUM | N/A |
| The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. | |||||
| CVE-2003-0081 | 1 Ethereal Group | 1 Ethereal | 2017-10-10 | 7.5 HIGH | N/A |
| Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | |||||
| CVE-2003-0040 | 2 Double Precision Incorporated, Inter7 | 2 Courier Mta, Courier-imap | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. | |||||
| CVE-2002-1272 | 1 Alcatel | 1 Aos | 2017-10-10 | 10.0 HIGH | N/A |
| Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. | |||||
| CVE-2004-0011 | 1 Debian | 1 Fsp | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. | |||||
| CVE-2002-1270 | 1 Apple | 1 Mac Os X | 2017-10-10 | 2.1 LOW | N/A |
| Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call. | |||||
| CVE-2002-1107 | 1 Cisco | 1 Vpn Client | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing. | |||||
| CVE-2003-0087 | 1 National Language Support | 1 Libim | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm. | |||||
| CVE-2003-0043 | 1 Apache | 1 Tomcat | 2017-10-10 | 5.0 MEDIUM | N/A |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. | |||||
| CVE-2003-0045 | 1 Apache | 1 Tomcat | 2017-10-10 | 5.0 MEDIUM | N/A |
| Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. | |||||
| CVE-2003-0988 | 1 Kde | 1 Kde | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file. | |||||
| CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2017-10-10 | 7.5 HIGH | N/A |
| Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
| CVE-2002-1268 | 1 Apple | 1 Mac Os X | 2017-10-10 | 4.6 MEDIUM | N/A |
| Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD." | |||||
| CVE-2004-0040 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2017-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. | |||||
| CVE-2002-1371 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-10-10 | 7.5 HIGH | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | |||||
| CVE-2004-0004 | 1 Openca | 1 Openca | 2017-10-10 | 7.5 HIGH | N/A |
| The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing remote attackers to spoof requests from other users. | |||||
| CVE-2002-1108 | 1 Cisco | 1 Vpn Client | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel. | |||||
| CVE-2004-0099 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 4.6 MEDIUM | N/A |
| mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. | |||||
| CVE-2004-0095 | 1 Mcafee | 1 Epolicy Orchestrator | 2017-10-10 | 5.0 MEDIUM | N/A |
| McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow. | |||||
| CVE-2002-1113 | 1 Mantis | 1 Mantis | 2017-10-10 | 7.5 HIGH | N/A |
| summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code. | |||||
| CVE-2003-0969 | 1 Mpg321 | 1 Mpg321 | 2017-10-10 | 7.5 HIGH | N/A |
| mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability. | |||||
| CVE-2004-0009 | 1 Apache-ssl | 1 Apache-ssl | 2017-10-10 | 7.5 HIGH | N/A |
| Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user. | |||||
| CVE-2004-0001 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges. | |||||
| CVE-2002-1112 | 1 Mantis | 1 Mantis | 2017-10-10 | 5.0 MEDIUM | N/A |
| Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page. | |||||
| CVE-2004-0089 | 1 Apple | 1 Mac Os X | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | |||||
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2017-10-10 | 5.0 MEDIUM | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | |||||
| CVE-2003-0966 | 1 Elm Development Group | 1 Elm | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line. | |||||
| CVE-2001-1203 | 1 Alessandro Rubini | 1 Gpm | 2017-10-10 | 7.2 HIGH | N/A |
| Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. | |||||
| CVE-2001-1118 | 1 Roxen | 1 Roxen Webserver | 2017-10-10 | 7.5 HIGH | N/A |
| A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL. | |||||
| CVE-2001-1119 | 1 Ti Kan | 1 Xmcd | 2017-10-10 | 6.2 MEDIUM | N/A |
| cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-1177 | 1 Samsung | 2 Ml-85g Gdi Printer Driver, Ml-85p Printer Driver | 2017-10-10 | 6.2 MEDIUM | N/A |
| ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2002-0003 | 1 Gnu | 1 Groff | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | |||||
| CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2017-10-10 | 7.2 HIGH | N/A |
| Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||||
| CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | |||||
| CVE-2002-0275 | 1 Blueface | 1 Falcon Web Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / (slash) in the requested URL. | |||||
| CVE-2001-1303 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication. | |||||
| CVE-2002-0006 | 1 Xchat | 1 Xchat | 2017-10-10 | 7.5 HIGH | N/A |
| XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set. | |||||
| CVE-2001-1193 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command. | |||||
| CVE-2001-1130 | 1 Suse | 1 Suse Linux | 2017-10-10 | 7.5 HIGH | N/A |
| Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. | |||||
| CVE-2002-0007 | 1 Mozilla | 1 Bugzilla | 2017-10-10 | 10.0 HIGH | N/A |
| CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server. | |||||
| CVE-2001-1176 | 1 Checkpoint | 3 Firewall-1, Provider-1, Vpn-1 | 2017-10-10 | 7.5 HIGH | N/A |
| Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection. | |||||
| CVE-2001-1132 | 1 Gnu | 1 Mailman | 2017-10-10 | 7.5 HIGH | N/A |
| Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | |||||
| CVE-2001-1291 | 1 3com | 1 Superstack Ii Ps Hub | 2017-10-10 | 10.0 HIGH | N/A |
| The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing. | |||||
| CVE-2001-1183 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | |||||
| CVE-2002-0028 | 1 Mirabilis | 1 Icq | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remote attackers to execute arbitrary code via a Voice Video & Games request. | |||||
| CVE-2002-0038 | 1 Sgi | 1 Irix | 2017-10-10 | 5.0 MEDIUM | N/A |
| Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk. | |||||
| CVE-2002-0046 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 5.0 MEDIUM | N/A |
| Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | |||||
| CVE-2002-0047 | 1 Olaf Titz | 1 Cipe | 2017-10-10 | 5.0 MEDIUM | N/A |
| CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet. | |||||
| CVE-2002-0651 | 1 Isc | 1 Bind | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | |||||