Total
11829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0850 | 1 Filezilla-project | 1 Filezilla Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others.
|
|||||
| CVE-2001-1584 | 1 Michael Barretto | 1 Cardboard | 2025-04-03 | 7.5 HIGH | N/A |
|
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field.
|
|||||
| CVE-2002-2239 | 1 Cisco | 3 Catalyst 6500, Catalyst 7600, Ios | 2025-04-03 | 7.8 HIGH | N/A |
|
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
|
|||||
| CVE-1999-0995 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.8 HIGH | N/A |
|
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
|
|||||
| CVE-2005-2177 | 1 Net-snmp | 1 Net-snmp | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.
|
|||||
| CVE-2003-1402 | 1 Kietu | 1 Kietu | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015.
|
|||||
| CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
|
|||||
| CVE-2003-1488 | 1 Truelogik | 1 Truegalerie | 2025-04-03 | 6.4 MEDIUM | N/A |
|
The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1.
|
|||||
| CVE-2005-1330 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.9 MEDIUM | N/A |
|
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
|
|||||
| CVE-2003-1365 | 1 Perl | 1 Cgi Lite | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs.
|
|||||
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2025-04-03 | 7.8 HIGH | N/A |
|
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
|
|||||
| CVE-2006-4541 | 1 Iss | 1 Blackice Pc Protection | 2025-04-03 | 4.6 MEDIUM | N/A |
|
RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
|
|||||
| CVE-2002-2237 | 1 Tftp | 1 Tftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux.
|
|||||
| CVE-2002-2322 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
|
|||||
| CVE-2006-0047 | 1 Freeciv | 1 Freeciv | 2025-04-03 | 5.0 MEDIUM | N/A |
|
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
|
|||||
| CVE-2005-1398 | 1 Phpcart | 1 Phpcart | 2025-04-03 | 5.0 MEDIUM | N/A |
|
phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 through 4.6.4 are also affected.
|
|||||
| CVE-2006-1858 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
|
|||||
| CVE-2005-0449 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.1 HIGH | N/A |
|
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
|
|||||
| CVE-2004-1777 | 1 Skype Technologies | 1 Skype | 2025-04-03 | 5.0 MEDIUM | N/A |
|
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
|
|||||
| CVE-2003-1538 | 1 Suse | 3 Office Server, Suse Linux, Suse Linux Openexchange Server | 2025-04-03 | 6.4 MEDIUM | N/A |
|
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
|
|||||
| CVE-2006-2782 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.
|
|||||
| CVE-2005-3678 | 1 Google | 1 Talk | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a denial of service (connection reset) via email with a blank sender.
|
|||||
| CVE-2003-1441 | 1 Posadis | 1 Posadis | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS message without a question section, which triggers null dereference.
|
|||||
| CVE-2002-1874 | 1 Astrocam | 1 Astrocam | 2025-04-03 | 10.0 HIGH | N/A |
|
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.
|
|||||
| CVE-2006-2920 | 2 Sylpheed, Sylpheed-claws | 2 Sylpheed, Sylpheed-claws | 2025-04-03 | 2.6 LOW | N/A |
|
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
|
|||||
| CVE-2005-0209 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
|
|||||
| CVE-2005-3467 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities.
|
|||||
| CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
|
|||||
| CVE-2002-2329 | 1 Mirabilis | 1 Icq | 2025-04-03 | 7.8 HIGH | N/A |
|
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
|
|||||
| CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
|
|||||
| CVE-2002-0146 | 1 Fetchmail | 1 Fetchmail | 2025-04-03 | 5.0 MEDIUM | N/A |
|
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.
|
|||||
| CVE-2005-0492 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 2.6 LOW | N/A |
|
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node.
|
|||||
| CVE-2006-4935 | 1 Moodle | 1 Moodle | 2025-04-03 | 10.0 HIGH | N/A |
|
The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and remote attack vectors.
|
|||||
| CVE-2002-2415 | 1 Alliedtelesyn | 2 At-8024, Rapier 24 | 2025-04-03 | 6.8 MEDIUM | N/A |
|
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service.
|
|||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2025-04-03 | 2.1 LOW | N/A |
|
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
|||||
| CVE-1999-0999 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
|
|||||
| CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2025-04-03 | 10.0 HIGH | N/A |
|
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.
|
|||||
| CVE-2004-1928 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
|
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL.
|
|||||
| CVE-2004-2596 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address.
|
|||||
| CVE-2003-1444 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2025-04-03 | 4.4 MEDIUM | N/A |
|
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.
|
|||||