Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-1195 | 4.9 |
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Opti
|
15-02-2024 - 18:54 | 28-05-2009 - 20:30 | |
CVE-2004-0365 | 5.0 |
The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.
|
14-02-2024 - 01:17 | 04-05-2004 - 04:00 | |
CVE-2004-0176 | 5.0 |
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
|
14-02-2024 - 01:17 | 04-05-2004 - 04:00 | |
CVE-2004-0079 | 5.0 |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
28-12-2023 - 15:33 | 23-11-2004 - 05:00 | |
CVE-2004-0081 | 5.0 |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
|
08-11-2021 - 15:48 | 23-11-2004 - 05:00 | |
CVE-2004-0113 | 5.0 |
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
|
06-06-2021 - 11:15 | 29-03-2004 - 05:00 | |
CVE-2007-5239 | 4.0 |
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (
|
30-10-2018 - 16:26 | 06-10-2007 - 00:17 | |
CVE-2007-0779 | 6.4 |
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot
|
16-10-2018 - 16:34 | 26-02-2007 - 20:28 | |
CVE-2009-0217 | 5.0 |
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLog
|
12-10-2018 - 21:49 | 14-07-2009 - 23:30 | |
CVE-2002-0013 | 10.0 |
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by th
|
12-10-2018 - 21:30 | 13-02-2002 - 05:00 | |
CVE-2010-0164 | 9.3 |
Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application cras
|
10-10-2018 - 19:51 | 25-03-2010 - 21:00 | |
CVE-2008-1722 | 4.3 |
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
|
03-10-2018 - 21:54 | 10-04-2008 - 19:05 | |
CVE-2003-0564 | 5.0 |
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message cont
|
11-10-2017 - 01:29 | 01-12-2003 - 05:00 | |
CVE-2005-0176 | 5.0 |
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
|
11-10-2017 - 01:29 | 15-02-2005 - 05:00 | |
CVE-2004-0110 | 7.5 |
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
|
11-10-2017 - 01:29 | 15-03-2004 - 05:00 | |
CVE-2003-0594 | 7.5 |
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g.
|
11-10-2017 - 01:29 | 15-04-2004 - 04:00 | |
CVE-2004-0189 | 7.5 |
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the acce
|
10-10-2017 - 01:30 | 15-03-2004 - 05:00 | |
CVE-2004-0191 | 6.8 |
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated us
|
10-10-2017 - 01:30 | 15-03-2004 - 05:00 | |
CVE-2008-5086 | 7.2 |
Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.
|
29-09-2017 - 01:32 | 19-12-2008 - 17:30 | |
CVE-2010-0168 | 7.6 |
The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow
|
19-09-2017 - 01:30 | 25-03-2010 - 21:00 |