Total
275650 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0009 | 1 Apache-ssl | 1 Apache-ssl | 2024-11-20 | N/A |
| Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user. | ||||
| CVE-2004-0008 | 3 Redhat, Rob Flynn, Ultramagnetic | 4 Enterprise Linux, Linux, Gaim and 1 more | 2024-11-20 | N/A |
| Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | ||||
| CVE-2004-0007 | 3 Redhat, Rob Flynn, Ultramagnetic | 4 Enterprise Linux, Linux, Gaim and 1 more | 2024-11-20 | N/A |
| Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2004-0006 | 3 Redhat, Rob Flynn, Ultramagnetic | 4 Enterprise Linux, Linux, Gaim and 1 more | 2024-11-20 | N/A |
| Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. | ||||
| CVE-2004-0005 | 1 Gaim Project | 1 Gaim | 2024-11-20 | 9.8 Critical |
| Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte. | ||||
| CVE-2004-0004 | 1 Openca | 1 Openca | 2024-11-20 | N/A |
| The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing remote attackers to spoof requests from other users. | ||||
| CVE-2004-0003 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-11-20 | N/A |
| Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking." | ||||
| CVE-2004-0002 | 1 Freebsd | 1 Freebsd | 2024-11-20 | N/A |
| The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. | ||||
| CVE-2004-0001 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-20 | N/A |
| Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges. | ||||
| CVE-2003-5003 | 1 Ibm | 1 Iss Blackice Pc Protection | 2024-11-20 | 5 Medium |
| A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2003-5002 | 1 Ibm | 1 Iss Blackice Pc Protection | 2024-11-20 | 3.7 Low |
| A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2003-5001 | 1 Ibm | 1 Iss Blackice Pc Protection | 2024-11-20 | 5.3 Medium |
| A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2003-1605 | 1 Haxx | 1 Curl | 2024-11-20 | N/A |
| curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. | ||||
| CVE-2003-1604 | 1 Linux | 1 Linux Kernel | 2024-11-20 | N/A |
| The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787. | ||||
| CVE-2003-1603 | 1 Gehealthcare | 1 Discovery Vh | 2024-11-20 | N/A |
| GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors. | ||||
| CVE-2003-1599 | 1 Wordpress | 1 Wordpress | 2024-11-20 | N/A |
| PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable. | ||||
| CVE-2003-1598 | 1 Wordpress | 1 Wordpress | 2024-11-20 | N/A |
| SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable. | ||||
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-20 | N/A |
| NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||
| CVE-2003-1595 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-20 | N/A |
| NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | ||||
| CVE-2003-1594 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-20 | N/A |
| NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||