Total
254365 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0552 | 1 Sophos | 1 Small Business Suite | 2024-02-04 | 7.5 HIGH | N/A |
| Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed. | |||||
| CVE-2000-0510 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request. | |||||
| CVE-2002-0031 | 1 Yahoo | 1 Messenger | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend. | |||||
| CVE-2004-0549 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 10.0 HIGH | N/A |
| The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object. | |||||
| CVE-2004-0028 | 1 Samba | 1 Jitterbug | 2024-02-04 | 7.5 HIGH | N/A |
| jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | |||||
| CVE-2000-0683 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. | |||||
| CVE-2002-1460 | 1 Leszek Krupinski | 1 L-forum | 2024-02-04 | 5.0 MEDIUM | N/A |
| L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0502 | 3 Hp, Redhat, Sun | 4 Hp-ux, Linux, Solaris and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
| A Unix account has a default, null, blank, or missing password. | |||||
| CVE-1999-0784 | 1 Oracle | 1 Database Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. | |||||
| CVE-2000-0917 | 3 Caldera, Redhat, Trustix | 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-1462 | 1 Rsa | 1 Securid | 2024-02-04 | 7.5 HIGH | N/A |
| WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information. | |||||
| CVE-2001-0009 | 1 Lotus | 1 Domino Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. | |||||
| CVE-1999-0228 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. | |||||
| CVE-2004-1526 | 1 New Media Generation | 1 Hired Team Trial | 2024-02-04 | 7.5 HIGH | N/A |
| Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players off the server, including the administrator. | |||||
| CVE-2002-1146 | 1 Gnu | 1 Glibc | 2024-02-04 | 5.0 MEDIUM | N/A |
| The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). | |||||
| CVE-2000-0838 | 1 Fastream | 1 Fur Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2024-02-04 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||
| CVE-1999-0008 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. | |||||
| CVE-2000-0404 | 1 Microsoft | 5 Terminal Server, Windows 2000, Windows 95 and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | |||||
| CVE-1999-0975 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
| The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | |||||