CVE-2003-1491

CVE-2003-1491 - Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. ...
7 years ago

CVE-2013-2394 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, ...
2 years ago

CVE-2013-2432 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, ...
2 years ago

CVE-2002-1491 - The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges. ...
16 years ago

CVE-2007-1491 - Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties. ...
16 years ago

CVE-2010-1491 - Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. ...
11 years ago

CVE-1999-1491 - abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. ...
8 years ago

CVE-2001-1491 - Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images. ...
7 years ago

CVE-2005-1491 - Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html. ...
7 years ago

CVE-2006-1491 - Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer. ...
7 years ago

CVE-2009-1491 - McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus ...
7 years ago

CVE-2011-1491 - The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login ...
7 years ago

CVE-2013-1491 - The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as ...
7 years ago

CVE-2015-1491 - SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. ...
7 years ago

CVE-2016-1491 - The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. ...
6 years ago

CVE-2008-1491 - Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. ...
6 years ago

CVE-2017-1491 - IBM QRadar Network Security 5.4 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest ...
5 years ago

CVE-2014-1491 - Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in ...
1 year ago

CVE-2020-2509 - A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following ...
3 years ago

CVE-2020-1491 - <p>An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> ...
11 months ago

CVE-2004-1491 - Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. ...
2 years ago

CVE-2022-1491 - Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. ...
2 years ago

CVE-2023-1491 - A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects the function 0x220020 in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access ...
1 year ago

CVE-2024-1491 - The devices allow access to an unprotected endpoint that allows MPFS ...
6 months ago

CVE-2024-20079 - In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ...
5 months ago