|
1997-08-01
|
CVE-1999-0524
|
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
|
Mac_os_x, Macos, Ios, Hp\-Ux, Tru64, Aix, Os2, Linux_kernel, Windows, Netware, Solaris, Sco_unix, Irix, Bsdos
|
N/A
|
|
|
|
1997-12-01
|
CVE-1999-0016
|
Land IP denial of service.
|
Ios, Inet, Hp\-Ux, Windows_95, Windows_nt, Winsock, Netbsd, Sunos
|
N/A
|
|
|
|
2012-05-11
|
CVE-2012-1823
|
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
|
Mac_os_x, Debian_linux, Fedora, Hp\-Ux, Opensuse, Php, Application_stack, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Gluster_storage_server_for_on\-Premise, Storage, Storage_for_public_cloud, Linux_enterprise_server, Linux_enterprise_software_development_kit
|
9.8
|
|
|
|
2004-11-23
|
CVE-2004-0079
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Speed_technologies_litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Stonegate, Stonegate_vpn_client, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server
|
7.5
|
|
|
|
2023-06-16
|
CVE-2023-30903
|
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
|
Hp\-Ux
|
5.5
|
|
|
|
1996-07-03
|
CVE-1999-0022
|
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
|
Bsd_os, Freebsd, Hp\-Ux, Aix, Irix, Solaris, Sunos
|
N/A
|
|
|
|
2015-05-21
|
CVE-2015-4000
|
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
|
Iphone_os, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Hp\-Ux, Content_manager, Internet_explorer, Firefox, Firefox_esr, Firefox_os, Network_security_services, Seamonkey, Thunderbird, Openssl, Opera_browser, Jdk, Jre, Jrockit, Sparc\-Opl_service_processor, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server
|
3.7
|
|
|
|
1997-04-26
|
CVE-1999-0038
|
Buffer overflow in xlock program allows local users to execute commands as root.
|
Bsd_os, Dg_ux, Debian_linux, Hp\-Ux, Aix, Irix, Solaris, Sunos
|
N/A
|
|
|
|
2004-07-27
|
CVE-2004-0594
|
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
|
Converged_communications_server, Debian_linux, Hp\-Ux, Openpkg, Php, Secure_linux
|
N/A
|
|
|
|
2004-11-23
|
CVE-2004-0112
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
|
Webstar, Mac_os_x, Mac_os_x_server, Converged_communications_server, Intuity_audix, S8300, S8500, S8700, Sg200, Sg203, Sg208, Sg5, Vsu, Cacheos_ca_sa, Proxysg, Firewall\-1, Provider\-1, Vpn\-1, Access_registrar, Application_and_content_networking_software, Call_manager, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Content_services_switch_11500, Css11000_content_services_switch, Css_secure_content_accelerator, Firewall_services_module, Gss_4480_global_site_selector, Gss_4490_global_site_selector, Ios, Mds_9000, Okena_stormwatch, Pix_firewall, Pix_firewall_software, Secure_content_accelerator, Threat_response, Webns, Bsafe_ssl\-J, Stonegate, Freebsd, Aaa_server, Apache\-Based_web_server, Hp\-Ux, Wbem, Litespeed_web_server, Instant_virtual_extranet, Edirectory, Imanager, Openbsd, Openssl, Enterprise_linux, Enterprise_linux_desktop, Linux, Openssl, Openserver, Sidewinder, Propack, Servercluster, Stonebeat_fullcluster, Stonebeat_securitycluster, Stonebeat_webcluster, Crypto_accelerator_4000, Clientless_vpn_gateway_4400, Tarantella_enterprise, Gsx_server
|
N/A
|
|
|