Total
240118 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1188 | 1 Oracle | 1 Mysql | 2024-02-04 | 4.6 MEDIUM | N/A |
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | |||||
CVE-2000-1201 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 5.0 MEDIUM | N/A |
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | |||||
CVE-2000-0964 | 1 Siemens | 1 Hinet Lp | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
CVE-2002-1927 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2024-02-04 | 2.1 LOW | N/A |
Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file. | |||||
CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2024-02-04 | 10.0 HIGH | N/A |
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | |||||
CVE-2003-1522 | 1 Pscs | 1 Vpop3 Web Mail Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page. | |||||
CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2024-02-04 | 7.5 HIGH | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||||
CVE-2001-0486 | 1 Novell | 1 Bordermanager | 2024-02-04 | 5.0 MEDIUM | N/A |
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | |||||
CVE-2004-1983 | 2 Gentoo, The Pax Team | 2 Linux, Pax Linux | 2024-02-04 | 2.1 LOW | N/A |
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
CVE-2000-0889 | 2024-02-04 | 5.1 MEDIUM | N/A | ||
Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. | |||||
CVE-2003-0487 | 1 Kerio | 1 Kerio Mailserver | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. | |||||
CVE-2002-2358 | 1 Opera Software | 1 Opera Web Browser | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. | |||||
CVE-2002-0078 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | |||||
CVE-2000-0840 | 1 Davide Libenzi | 1 Xmail | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. | |||||
CVE-2000-1138 | 1 Ibm | 1 Lotus Notes | 2024-02-04 | 7.5 HIGH | N/A |
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. | |||||
CVE-2004-0850 | 1 Joerg Schilling | 1 Star Tape Archiver | 2024-02-04 | 7.2 HIGH | N/A |
Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to reference a malicious program. | |||||
CVE-1999-1327 | 1 Redhat | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable. | |||||
CVE-1999-0226 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | |||||
CVE-2004-0158 | 1 Lgames | 1 Lbreakout2 | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. | |||||
CVE-1999-0756 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 5.0 MEDIUM | N/A |
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. |