CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
7674 | CVE-2003-0850 | Candidate | The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | Assigned (20031010) | None (candidate not yet proposed) | View | |
73210 | CVE-2014-5912 | Candidate | The InNote (aka com.intsig.notes) application 1.0.3.20131119 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | Assigned (20140830) | None (candidate not yet proposed) | View | |
7930 | CVE-2003-1106 | Candidate | The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of service (crash or hang) via an e-mail message with a malformed time stamp in the FILETIME attribute. | Assigned (20050311) | None (candidate not yet proposed) | View | |
73466 | CVE-2014-6167 | Candidate | Cross-site scripting (XSS) vulnerability in the URL rewriting feature in IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | Assigned (20140902) | None (candidate not yet proposed) | View | |
8186 | CVE-2003-1362 | Candidate | Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | Assigned (20071016) | None (candidate not yet proposed) | View |
Page 20473 of 20943, showing 5 records out of 104715 total, starting on record 102361, ending on 102365