Total
241099 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1687 | 1 Ibm | 1 Aix | 2024-02-04 | 2.1 LOW | N/A |
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | |||||
CVE-2001-0538 | 1 Microsoft | 1 Outlook | 2024-02-04 | 10.0 HIGH | N/A |
Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page. | |||||
CVE-2003-0259 | 1 Cisco | 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. | |||||
CVE-1999-0965 | 1 X.org | 1 Xterm | 2024-02-04 | 6.2 MEDIUM | N/A |
Race condition in xterm allows local users to modify arbitrary files via the logging option. | |||||
CVE-2004-1050 | 2 Avaya, Microsoft | 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability." | |||||
CVE-2003-0803 | 1 Nokia | 1 Electronic Documentation | 2024-02-04 | 7.5 HIGH | N/A |
Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user. | |||||
CVE-1999-0178 | 1 Oreilly | 1 Oreilly Website | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string. | |||||
CVE-2001-0489 | 1 Gftp | 1 Gftp | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. | |||||
CVE-2001-0446 | 1 Ibm | 1 Websphere Commerce Suite | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL. | |||||
CVE-2004-0587 | 3 Mandrakesoft, Redhat, Suse | 4 Mandrake Linux, Mandrake Linux Corporate Server, Fedora Core and 1 more | 2024-02-04 | 2.1 LOW | N/A |
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | |||||
CVE-2004-2219 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | |||||
CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2024-02-04 | 7.5 HIGH | N/A |
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | |||||
CVE-2001-1240 | 1 Engardelinux | 1 Secure Linux | 2024-02-04 | 10.0 HIGH | N/A |
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access. | |||||
CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | |||||
CVE-2000-0880 | 1 Plus Technologies | 1 Lpplus | 2024-02-04 | 3.6 LOW | N/A |
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file. | |||||
CVE-1999-0938 | 1 University College London | 1 Sdr | 2024-02-04 | 7.5 HIGH | N/A |
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. | |||||
CVE-2000-0016 | 1 True North | 1 Internet Anywhere Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. | |||||
CVE-1999-0087 | 1 Ibm | 1 Aix | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | |||||
CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | |||||
CVE-2002-2333 | 1 Kde | 1 Kde | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. |