Vulnerabilities > Linux > Linux Kernel > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-03-03 | CVE-2002-1574 | Unspecified vulnerability in Linux Kernel Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | 4.6 |
2004-01-05 | CVE-2003-0984 | Unspecified vulnerability in Linux Kernel Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. | 4.6 |
2003-12-31 | CVE-2003-1467 | Cross-Site Scripting vulnerability in Phorum Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2003-12-31 | CVE-2003-1454 | Unspecified vulnerability in Invision Power Services Invision Board 1.0/1.0.1/1.1.1 Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | 5.0 |
2003-12-31 | CVE-2003-1430 | Path Traversal vulnerability in Epic Games Unreal Engine 226F/433/436 Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | 5.0 |
2003-12-31 | CVE-2003-1428 | Unspecified vulnerability in Bharat Mediratta Gallery 1.3.3 Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. | 4.8 |
2003-12-31 | CVE-2003-1423 | Permissions, Privileges, and Access Controls vulnerability in Petitforum Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. | 5.0 |
2003-12-31 | CVE-2003-1372 | Cross-Site Scripting vulnerability in Myphpnuke 1.8.8 Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. | 4.3 |
2003-08-27 | CVE-2003-0619 | Unspecified vulnerability in Linux Kernel Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. | 5.0 |
2003-08-27 | CVE-2003-0467 | Unspecified vulnerability in Linux Kernel 2.4.20/2.4.21 Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error. | 5.0 |