Total
93126 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0065 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. | |||||
CVE-2002-2208 | 2 Cisco, Extended Interior Gateway Routing Protocol | 2 Ios, Extended Interior Gateway Routing Protocol | 2024-02-04 | 7.8 HIGH | N/A |
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. | |||||
CVE-1999-0910 | 1 Microsoft | 3 Commercial Internet System, Site Server, Site Server Commerce | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | |||||
CVE-2004-0673 | 1 Simm-comm | 1 Sci Photo Chat | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message. | |||||
CVE-2002-1245 | 1 Frank Mcingvale | 1 Luxman | 2024-02-04 | 7.2 HIGH | N/A |
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program. | |||||
CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2024-02-04 | 4.6 MEDIUM | N/A |
NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | |||||
CVE-2000-1045 | 1 Padl Software | 1 Nss Ldap | 2024-02-04 | 1.2 LOW | N/A |
nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests. | |||||
CVE-2003-1014 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-04 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. | |||||
CVE-1999-1089 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. | |||||
CVE-2003-0602 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. | |||||
CVE-2002-1868 | 1 Daniel Stenberg | 1 Dispair | 2024-02-04 | 10.0 HIGH | N/A |
Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. | |||||
CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2024-02-04 | 5.0 MEDIUM | N/A |
Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
CVE-2004-1780 | 1 Info Touch | 1 Surfnet | 2024-02-04 | 4.6 MEDIUM | N/A |
Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authentication attempts. | |||||
CVE-2002-1079 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request. | |||||
CVE-2001-1122 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | |||||
CVE-2004-1595 | 1 Shixxnote | 1 Shixxnote | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field. | |||||
CVE-2001-0413 | 1 Bintec | 3 X1000, X1200, X4000 | 2024-02-04 | 5.0 MEDIUM | N/A |
BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang. | |||||
CVE-2001-0258 | 1 I-data International | 1 Easycom Safecom Print Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters. | |||||
CVE-2002-0992 | 1 Hp | 1 Hp-ux | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. | |||||
CVE-2000-0834 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. |