Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0262 | 1 Renaud Deraison | 1 Faxsurvey | 2018-05-02 | 7.5 HIGH | N/A |
| Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2018-05-02 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-1999-0270 | 1 Sgi | 1 Irix | 2018-05-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2018-05-02 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2018-05-02 | 7.2 HIGH | N/A |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2018-05-02 | 4.6 MEDIUM | N/A |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2018-05-02 | 5.0 MEDIUM | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | |||||
| CVE-2001-0060 | 1 Stunnel | 1 Stunnel | 2018-05-02 | 10.0 HIGH | N/A |
| Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username. | |||||
| CVE-1999-1147 | 1 Platinum | 1 Policy Compliance Manager | 2018-05-02 | 7.5 HIGH | N/A |
| Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. | |||||
| CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2018-05-02 | 5.0 MEDIUM | N/A |
| BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | |||||
| CVE-1999-0305 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2018-05-02 | 5.0 MEDIUM | N/A |
| The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. | |||||
| CVE-2004-0414 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-02 | 10.0 HIGH | N/A |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | |||||
| CVE-2005-1751 | 1 Shtool | 1 Shtool | 2018-05-02 | 3.7 LOW | N/A |
| Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759. | |||||
| CVE-2005-2969 | 1 Openssl | 1 Openssl | 2018-05-02 | 5.0 MEDIUM | N/A |
| The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. | |||||
| CVE-2005-2629 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2018-05-02 | 5.1 MEDIUM | N/A |
| Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481. | |||||
| CVE-2005-2871 | 1 Mozilla | 1 Firefox | 2018-05-02 | 7.5 HIGH | N/A |
| Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. | |||||
| CVE-2005-3295 | 1 Hp | 1 Hp-ux | 2018-05-02 | 2.1 LOW | N/A |
| Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size." | |||||
| CVE-2005-0525 | 1 Php | 1 Php | 2018-05-02 | 5.0 MEDIUM | N/A |
| The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | |||||
| CVE-2005-0524 | 1 Php | 1 Php | 2018-05-02 | 5.0 MEDIUM | N/A |
| The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. | |||||
| CVE-2005-0401 | 1 Mozilla | 2 Firefox, Mozilla | 2018-05-02 | 5.1 MEDIUM | N/A |
| FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2." | |||||