ReportizFlow
Filtered by vendor
Subscriptions
Total
29889 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1653 | 1 Farm9 | 1 Cryptcat | 2025-04-03 | N/A |
| Farm9 Cryptcat, when started in server mode with the -e option, does not enable encryption, which allows clients to communicate without encryption despite intended configuration, and may allow remote attackers to sniff sensitive information. | ||||
| CVE-2002-1656 | 1 Xqus | 1 X-news | 2025-04-03 | N/A |
| X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie. | ||||
| CVE-2003-0364 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | ||||
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | ||||
| CVE-2000-0851 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability. | ||||
| CVE-1999-0519 | 1 Microsoft | 4 Outlook, Windows 2000, Windows 95 and 1 more | 2025-04-03 | N/A |
| A NETBIOS/SMB share password is the default, null, or missing. | ||||
| CVE-2003-0464 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd. | ||||
| CVE-2005-0063 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2025-04-03 | N/A |
| The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. | ||||
| CVE-2005-1043 | 7 Apple, Conectiva, Peachtree and 4 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2025-04-03 | N/A |
| exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. | ||||
| CVE-2005-1184 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98se and 2 more | 2025-04-03 | N/A |
| The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated. | ||||
| CVE-2005-1769 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message. | ||||
| CVE-2005-1797 | 1 Openssl | 1 Openssl | 2025-04-03 | N/A |
| The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations. | ||||
| CVE-2005-2123 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord. | ||||
| CVE-2005-2441 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the (1) UserName parameter to profile.php or (2) UserID parameter to login.php. | ||||
| CVE-2005-2827 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability." | ||||
| CVE-2005-3054 | 1 Php | 1 Php | 2025-04-03 | N/A |
| fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. | ||||
| CVE-2005-3168 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the template. | ||||
| CVE-2005-3172 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attacks. | ||||
| CVE-2005-3319 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost. | ||||
| CVE-1999-0004 | 3 Hp, Sco, University Of Washington | 3 Dtmail, Unixware, Pine | 2025-04-03 | N/A |
| MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. | ||||