Total
238872 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | |||||
CVE-2004-0757 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-04 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | |||||
CVE-2001-1097 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco routers and switches running IOS 12.0 through 12.2.1 allow a remote attacker to cause a denial of service via a flood of UDP packets. | |||||
CVE-2001-1120 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | |||||
CVE-1999-0507 | | | 2024-02-04 | 7.5 HIGH | N/A |
An account on a router, firewall, or other network device has a guessable password. | |||||
CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2024-02-04 | 7.5 HIGH | N/A |
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | |||||
CVE-2003-0251 | 1 Nis | 1 Ypserv Nis Server | 2024-02-04 | 5.0 MEDIUM | N/A |
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. | |||||
CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | |||||
CVE-2002-0751 | 1 Cgiscript.net | 1 Csmailto | 2024-02-04 | 7.5 HIGH | N/A |
CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters. | |||||
CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.2 HIGH | N/A |
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | |||||
CVE-2002-0841 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0842. Reason: This candidate is a duplicate of CVE-2002-0842. The duplicate assignment was made before public disclosure. Notes: none. | |||||
CVE-2001-0742 | 1 Computalynx | 1 Cmail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command. | |||||
CVE-2002-1056 | 1 Microsoft | 2 Outlook, Word | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | |||||
CVE-2001-0986 | 1 Microsoft | 1 Index Server | 2024-02-04 | 5.0 MEDIUM | N/A |
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. | |||||
CVE-2002-0935 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang. | |||||
CVE-1999-0144 | 1 Qmail Project | 1 Qmail | 2024-02-04 | 2.1 LOW | N/A |
Denial of service in Qmail by specifying a large number of recipients with the RCPT command. | |||||
CVE-2003-0425 | 1 Apple | 1 Darwin Streaming Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request. | |||||
CVE-2002-2411 | 1 Bannerwheel | 1 Bannerwheel | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers to execute arbitrary code via a long rcmd command. | |||||
CVE-2001-1178 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | |||||
CVE-2001-1526 | 1 Easyscripts | 1 Easynews | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter. |