Total
254525 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0060 | 1 Lucent | 3 Ascend Max Router, Ascend Pipeline Router, Ascend Tnt Router | 2024-02-04 | 5.0 MEDIUM | N/A |
| Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool. | |||||
| CVE-2002-2121 | 1 Surfcontrol | 1 Superscout Email Filter | 2024-02-04 | 5.0 MEDIUM | N/A |
| SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of service (crash) via a long SMTP (1) HELO or (2) RCPT TO command, possibly due to a buffer overflow. | |||||
| CVE-1999-0058 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in PHP cgi program, php.cgi allows shell access. | |||||
| CVE-2003-0540 | 2 Conectiva, Wietse Venema | 2 Linux, Postfix | 2024-02-04 | 5.0 MEDIUM | N/A |
| The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up. | |||||
| CVE-1999-1158 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. | |||||
| CVE-2002-2352 | 1 Neosoft | 1 Neobook | 2024-02-04 | 5.8 MEDIUM | N/A |
| The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. | |||||
| CVE-2004-1332 | 1 Hp | 5 Hp-ux, Hp-ux Series 700, Hp-ux Series 800 and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. | |||||
| CVE-2002-1118 | 1 Oracle | 2 Oracle8i, Oracle9i | 2024-02-04 | 5.0 MEDIUM | N/A |
| TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command. | |||||
| CVE-2001-0214 | 1 Way | 1 Way-board | 2024-02-04 | 5.0 MEDIUM | N/A |
| Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte. | |||||
| CVE-2002-2015 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 7.5 HIGH | N/A |
| PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter. | |||||
| CVE-2002-2008 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
| Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message. | |||||
| CVE-2004-1156 | 1 Mozilla | 2 Firefox, Mozilla | 2024-02-04 | 4.3 MEDIUM | N/A |
| Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2004-1751 | 1 Massive Entertainment | 1 Ground Control Ii Operation Exodus | 2024-02-04 | 5.0 MEDIUM | N/A |
| Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error. | |||||
| CVE-1999-0261 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
| Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. | |||||
| CVE-2002-1993 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2024-02-04 | 10.0 HIGH | N/A |
| webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter. | |||||
| CVE-2002-2147 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1828. Reason: This candidate is a duplicate of CVE-2002-1828. Notes: All CVE users should reference CVE-2002-1828 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2002-0359 | 1 Sgi | 1 Irix | 2024-02-04 | 10.0 HIGH | N/A |
| xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. | |||||
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-2002-0387 | 1 Sun | 1 One Application Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. | |||||
| CVE-2003-0154 | 1 Mozilla | 1 Bonsai | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244. | |||||