Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

7801 total CVE
CVE Vendors Products Updated CVSS
CVE-2002-2423 1 Sendmail 1 Sendmail 2008-09-05 6.4
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
CVE-2002-2421 1 Andrey Cherezov 1 Acweb 2008-09-05 7.8
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2.
CVE-2002-2420 1 Independent Solution 2 Super Site Searcher, Simple Site Searcher 2008-09-05 7.5
site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
CVE-2002-2415 1 Alliedtelesyn 2 At-8024, Rapier 24 2008-09-05 6.8
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service.
CVE-2002-2406 1 Perception 1 Liteserve 2008-09-05 5.0
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request.
CVE-2002-2371 1 Linksys 1 Wet11 2008-09-05 7.8
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
CVE-2002-2365 1 Springer Verlag Berlin Heidelberg 1 Simple Wais 2008-09-05 10.0
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character.
CVE-2002-2354 1 Netgear 1 Fm114p 2008-09-05 7.8
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2002-2338 2 Netscape, Mozilla 3 Mozilla, Navigator, Communicator 2008-09-05 5.0
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end...
CVE-2002-2329 1 Mirabilis 1 Icq 2008-09-05 7.8
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
CVE-2002-2325 1 University Of Washington 1 Pine 2008-09-05 7.8
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header...
CVE-2002-2322 1 Ultimate Php Board 1 Ultimate Php Board 2008-09-05 5.0
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
CVE-2002-2314 1 Mozilla 1 Mozilla 2008-09-05 5.0
Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.
CVE-2002-2236 1 Apt-www-proxy 1 Apt-www-proxy 2008-09-05 10.0
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code.
CVE-2002-2228 1 Mailscanner 1 Mailscanner 2008-09-05 6.4
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by...
CVE-2002-1874 1 Astrocam 1 Astrocam 2008-09-05 10.0
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the...
CVE-2008-2173 1 Yamaha 1 Router 2008-09-05 7.1
Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
CVE-2007-5928 1 Openbase International Ltd 1 Openbase 2008-09-05 9.0
OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear.
CVE-2004-2706 1 Phrozensmoke 1 Gyach Enhanced 2008-09-05 5.0
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages.
CVE-2008-2170 1 Century Software 1 Router 2008-09-05 7.1
Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.