CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2005-0844
https://notcve.org/view.php?id=CVE-2005-0844
24 Mar 2005 — Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information. • http://marc.info/?l=bugtraq&m=111151589203707&w=2 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 8%CPEs: 3EXPL: 3CVE-2004-2549 – Nortel Wireless LAN Access Point 2200 Series - Denial of Service
https://notcve.org/view.php?id=CVE-2004-2549
31 Dec 2004 — Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote attackers to cause a denial of service (service crash) via a TCP request with a large string, followed by 8 newline characters, to (1) the Telnet service on TCP port 23 and (2) the HTTP service on TCP port 80, possibly due to a buffer overflow. • https://www.exploit-db.com/exploits/23786 •
CVSS: 7.4EPSS: 0%CPEs: 5EXPL: 0CVE-2004-2621
https://notcve.org/view.php?id=CVE-2004-2621
31 Dec 2004 — Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack. • http://secunia.com/advisories/12881 •
CVSS: 6.2EPSS: 62%CPEs: 67EXPL: 1CVE-2004-1305 – Microsoft Windows Kernel - '.ANI' File Parsing Crash
https://notcve.org/view.php?id=CVE-2004-1305
23 Dec 2004 — The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. • https://www.exploit-db.com/exploits/721 •
CVSS: 8.1EPSS: 34%CPEs: 27EXPL: 2CVE-2004-1319
https://notcve.org/view.php?id=CVE-2004-1319
15 Dec 2004 — The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. • http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2004-1105
https://notcve.org/view.php?id=CVE-2004-1105
01 Dec 2004 — Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. Nortel Networks Contivity VPN Client muestra un mensaje de error dependiendo de si el nombre de usuario es válido o no, lo que podría permitir a atacantes remotos obtener información sensible. • http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html •
CVSS: 5.0EPSS: 38%CPEs: 46EXPL: 1CVE-2004-0839
https://notcve.org/view.php?id=CVE-2004-0839
18 Aug 2004 — Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". • http://marc.info/?l=bugtraq&m=109303291513335&w=2 •
CVSS: 9.8EPSS: 8%CPEs: 3EXPL: 0CVE-2004-0056
https://notcve.org/view.php?id=CVE-2004-0056
15 Jan 2004 — Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. Múltiples vulnerabilidades en la implementación del protocolo H.323 en Nortel Networks Communications Manager (BCM), Succession 1000 IP Trunk and... • http://www.cert.org/advisories/CA-2004-01.html •
CVSS: 9.8EPSS: 11%CPEs: 2EXPL: 1CVE-2003-1115
https://notcve.org/view.php?id=CVE-2003-1115
31 Dec 2003 — The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. • http://www.cert.org/advisories/CA-2003-06.html •
CVSS: 7.5EPSS: 7%CPEs: 3EXPL: 2CVE-2002-0540 – Nortel CVX 1800 Multi-Service Access Switch - Default SNMP Community
https://notcve.org/view.php?id=CVE-2002-0540
11 Jun 2002 — Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. • https://www.exploit-db.com/exploits/21378 •