Total
254263 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0182 | 1 Samba | 1 Samba | 2024-02-04 | 10.0 HIGH | N/A |
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | |||||
CVE-1999-0722 | 1 Sun | 1 Cobalt Raq 2 | 2024-02-04 | 10.0 HIGH | N/A |
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. | |||||
CVE-2003-0153 | 1 Mozilla | 1 Bonsai | 2024-02-04 | 5.0 MEDIUM | N/A |
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi. | |||||
CVE-2002-2029 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string. | |||||
CVE-2000-0744 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2000-0631 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability. | |||||
CVE-1999-0803 | 1 Ibm | 1 Aix Enetwork Firewall | 2024-02-04 | 2.1 LOW | N/A |
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. | |||||
CVE-2003-0402 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-04 | 5.0 MEDIUM | N/A |
The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks. | |||||
CVE-2004-1758 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 4.6 MEDIUM | N/A |
BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges. | |||||
CVE-2003-1313 | 1 Eternalmart | 1 Mailing List Manager | 2024-02-04 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. | |||||
CVE-2001-1304 | 1 Nullsoft | 1 Shoutcast Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. | |||||
CVE-2000-0451 | 1 Intel | 1 Express 8100 | 2024-02-04 | 5.0 MEDIUM | N/A |
The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. | |||||
CVE-2000-0934 | 1 Redhat | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack. | |||||
CVE-2002-0876 | 1 Evolvable Corporation | 1 Shambala Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request. | |||||
CVE-2003-0401 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-04 | 5.0 MEDIUM | N/A |
Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. | |||||
CVE-2002-0132 | 1 Chinput | 1 Chinput | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable. | |||||
CVE-2004-0250 | 1 Photopost | 1 Photopost Php Pro | 2024-02-04 | 10.0 HIGH | N/A |
SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain privileges via (1) the product parameter in showproduct.php or (2) the cat parameter in showcat.php. | |||||
CVE-2002-1232 | 3 Debian, Hp, Redhat | 3 Debian Linux, Secure Os, Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | |||||
CVE-2002-0171 | 1 Sgi | 1 Irisconsole | 2024-02-04 | 7.5 HIGH | N/A |
IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges. | |||||
CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. |