Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1579 | 1 Microsoft | 1 Windows Nt | 2018-08-13 | 5.0 MEDIUM | N/A |
| The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine. | |||||
| CVE-2007-4234 | 1 Camera Life | 1 Camera Life | 2018-08-13 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Camera Life before 2.6 allows remote attackers to download private photos via unspecified vectors associated with the names of the photos. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2014-2891 | 2 Debian, Strongswan | 2 Strongswan, Strongswan | 2018-08-13 | 5.0 MEDIUM | N/A |
| strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. | |||||
| CVE-2010-5210 | 1 Soraxsoft | 1 Sorax Reader | 2018-08-13 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2014-3504 | 3 Apache, Canonical, Serf Project | 3 Subversion, Ubuntu Linux, Serf | 2018-08-13 | 4.0 MEDIUM | N/A |
| The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | |||||
| CVE-2014-4511 | 1 Gitlist | 1 Gitlist | 2018-08-13 | 7.5 HIGH | N/A |
| Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in the URI of a request for a (1) blame, (2) file, or (3) stats page, as demonstrated by requests to blame/master/, master/, and stats/master/. | |||||
| CVE-2008-1160 | 1 Zyxel | 1 Zywall | 2018-08-13 | 7.5 HIGH | N/A |
| ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges. | |||||
| CVE-2013-7446 | 1 Linux | 1 Linux Kernel | 2018-08-13 | 5.4 MEDIUM | 5.3 MEDIUM |
| Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. | |||||
| CVE-2007-4233 | 1 Camera Life | 1 Camera Life | 2018-08-13 | 4.3 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Camera Life before 2.6 allow attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2009-3274 | 2 Linux, Mozilla | 2 Linux Kernel, Firefox | 2018-08-13 | 4.4 MEDIUM | N/A |
| Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2005-3134 | 1 Citrix | 1 Metaframe | 2018-08-13 | 7.5 HIGH | N/A |
| Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName). | |||||
| CVE-2005-2682 | 1 Dtlink | 1 Areaedit | 2018-08-13 | 7.5 HIGH | N/A |
| aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable). | |||||
| CVE-2005-3107 | 1 Linux | 1 Linux Kernel | 2018-08-13 | 2.1 LOW | N/A |
| fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state. | |||||
| CVE-2005-2277 | 1 Nokia | 1 Affix | 2018-08-13 | 10.0 HIGH | N/A |
| Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command. | |||||
| CVE-2005-4584 | 1 Bzflag | 1 Bzflag Server | 2018-08-13 | 5.0 MEDIUM | N/A |
| BZFlag server 2.0.4 and earlier allows remote attackers to cause a denial of service (application crash) via a callsign that is not followed by a NULL (\0) character. | |||||
| CVE-2005-4829 | 1 Virtuemart | 1 Virtuemart | 2018-08-13 | 10.0 HIGH | N/A |
| VirtueMart before 1.0.1 does not properly handle errors when a user is forbidden to read a requested page, which has unknown impact and remote attack vectors. | |||||
| CVE-2005-1574 | 1 Microsoft | 1 Windows Media Player | 2018-08-13 | 7.5 HIGH | N/A |
| Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled. | |||||
| CVE-2005-1907 | 1 Microsoft | 1 Isa Server | 2018-08-13 | 5.0 MEDIUM | N/A |
| The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic. | |||||
| CVE-2005-3105 | 1 Linux | 1 Linux Kernel | 2018-08-13 | 2.1 LOW | N/A |
| The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying PTE protections. | |||||
| CVE-2006-2289 | 1 Avahi | 1 Avahi | 2018-08-13 | 2.1 LOW | N/A |
| Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors. | |||||