|
306371
|
7.5 |
HIGH
Network
|
haxx
|
curl
|
curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.
|
CWE-255
Credentials Management
|
CVE-2003-1605
|
2024-11-21 08:47 |
2018-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306372
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending …
|
NVD-CWE-Other
|
CVE-2003-1604
|
2024-11-21 08:47 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306373
|
- |
|
gehealthcare
|
discovery_vh
|
GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has u…
|
CWE-255
Credentials Management
|
CVE-2003-1603
|
2024-11-21 08:47 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306374
|
- |
|
wordpress
|
wordpress
|
PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.
|
CWE-94
Code Injection
|
CVE-2003-1599
|
2024-11-21 08:47 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306375
|
- |
|
wordpress
|
wordpress
|
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.
|
CWE-89
SQL Injection
|
CVE-2003-1598
|
2024-11-21 08:47 |
2014-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306376
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
|
-
|
CVE-2002-2438
|
2024-11-21 08:43 |
2021-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306377
|
9.8 |
CRITICAL
Network
|
snoopy_project
|
snoopy
|
Snoopy before 2.0.0 has a security hole in exec cURL
|
CWE-20
Improper Input Validation
|
CVE-2002-2444
|
2024-11-21 08:43 |
2019-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306378
|
7.8 |
HIGH
Local
|
gnu
|
gcc
|
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2002-2439
|
2024-11-21 08:43 |
2019-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306379
|
- |
|
gehealthcare
|
millennium_mg_firmware
millennium_nc_firmware
millennium_myosight_firmware
|
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which …
|
CWE-255
Credentials Management
|
CVE-2002-2446
|
2024-11-21 08:43 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306380
|
- |
|
gehealthcare
|
millennium_myosight
millennium_nc
millennium_mg
|
GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the r…
|
NVD-CWE-noinfo
|
CVE-2002-2445
|
2024-11-21 08:43 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
