Max CVSS: 10.0 | Min CVSS: 3.7 | Total Count: 37
ID | CVSS | Summary | Last (major) update | Published
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
06-12-2016 - 21:59 17-01-2003 - 00:00
CVE-2005-0804 5.0
Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field.
17-10-2016 - 23:14 02-05-2005 - 00:00
CVE-2005-0739 5.0
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly han
17-10-2016 - 23:14 02-05-2005 - 00:00
CVE-2005-0699 7.5
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length val
17-10-2016 - 23:13 08-03-2005 - 00:00
CVE-2005-0647 5.0
admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php.
17-10-2016 - 23:13 02-05-2005 - 00:00
CVE-2005-0646 7.5
SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
17-10-2016 - 23:13 02-05-2005 - 00:00
CVE-2005-0547 4.6
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."
17-10-2016 - 23:12 24-02-2005 - 00:00
CVE-2004-1486 10.0
Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allo
17-10-2016 - 22:54 31-12-2004 - 00:00
CVE-2004-1465 3.7
Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line.
17-10-2016 - 22:54 31-12-2004 - 00:00
CVE-2004-0744 5.0
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, lar
17-10-2016 - 22:48 23-11-2004 - 00:00
CVE-2004-0174 5.0
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listeni
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0148 7.2
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0113 5.0
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
17-10-2016 - 22:41 29-03-2004 - 00:00
CVE-2004-0112 5.0
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2003-0078 5.0
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cry
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0020 5.0
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
17-10-2016 - 22:28 18-03-2003 - 00:00
CVE-2002-0843 7.5
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0840 6.8
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web pag
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0839 7.2
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0658 6.2
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
04-09-2013 - 00:18 12-08-2002 - 00:00
CVE-1999-0353 9.3
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
03-09-2013 - 00:01 10-02-1999 - 00:00
CVE-2005-4316 7.8
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
07-03-2011 - 21:27 17-12-2005 - 06:03
CVE-2003-0545 10.0
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0544 5.0
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer wh
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0543 5.0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2005-0766 5.0
Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service (application crash).
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0765 5.0
Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).
21-08-2010 - 00:26 12-03-2005 - 00:00
CVE-2005-0705 5.0
The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled, allows remote attackers to cause a denial of service (application crash).
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0704 7.5
Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-1999-0436 4.6
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.
09-09-2008 - 08:34 01-03-1999 - 00:00
CVE-1999-0435 7.2
MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.
09-09-2008 - 08:34 01-03-1999 - 00:00
CVE-1999-0333 7.5
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
09-09-2008 - 08:34 01-08-1998 - 00:00
CVE-2005-0818 4.3
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
05-09-2008 - 16:47 02-05-2005 - 00:00
CVE-2005-0667 5.1
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies
05-09-2008 - 16:46 07-03-2005 - 00:00
CVE-2002-1265 5.0
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
05-09-2008 - 16:30 12-11-2002 - 00:00
CVE-2002-1156 5.0
Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
05-09-2008 - 16:29 11-10-2002 - 00:00