Total
239845 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1361 | 1 Twig Development Team | 1 Twig | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. | |||||
CVE-1999-0108 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
The printers program in IRIX has a buffer overflow that gives root access to local users. | |||||
CVE-1999-1509 | 1 Etype | 1 Eserv | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. | |||||
CVE-2004-1999 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php. | |||||
CVE-1999-0633 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The HTTP/WWW service is running." | |||||
CVE-2000-1139 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 7.5 HIGH | N/A |
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. | |||||
CVE-2000-0903 | 1 Qnx | 1 Voyager | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-1999-0470 | 1 Novell | 1 Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | |||||
CVE-2001-1137 | 1 D-link | 1 Dl-704 | 2024-02-04 | 5.0 MEDIUM | N/A |
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. | |||||
CVE-2004-0290 | 1 Freeform Interactive | 2 Purge, Purge Jihad | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields. | |||||
CVE-1999-0425 | 1 Netscape | 1 Communicator | 2024-02-04 | 6.4 MEDIUM | N/A |
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. | |||||
CVE-2003-1480 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-02-04 | 4.3 MEDIUM | N/A |
MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. | |||||
CVE-2002-1526 | 1 Emumail | 1 Emu Webmail | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field. | |||||
CVE-2002-1947 | 1 Webmin | 1 Webmin | 2024-02-04 | 6.4 MEDIUM | N/A |
Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | |||||
CVE-2000-0981 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.2 HIGH | N/A |
MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password. | |||||
CVE-2002-0013 | 1 Snmp | 1 Snmp | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | |||||
CVE-1999-0059 | 1 Sgi | 1 Irix | 2024-02-04 | 7.1 HIGH | N/A |
IRIX fam service allows an attacker to obtain a list of all files on the server. | |||||
CVE-2000-0992 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. | |||||
CVE-2003-1016 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-04 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients. | |||||
CVE-2004-0051 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-04 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients. |