Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0840 | 1 Compaq | 1 Insight Manager Xe | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI. | |||||
CVE-1999-0689 | 2 Cde, Sun | 3 Cde, Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. | |||||
CVE-2000-0758 | 1 Lyris | 1 List Manager | 2024-02-04 | 4.6 MEDIUM | N/A |
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field. | |||||
CVE-2003-1322 | 1 Atrium Software | 1 Mercur Mailserver | 2024-02-04 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command. | |||||
CVE-1999-0173 | 1 Matt Wright | 1 Formmail | 2024-02-04 | 5.0 MEDIUM | N/A |
FormMail CGI program can be used by web servers other than the host server that the program resides on. | |||||
CVE-2003-0208 | 1 Macromedia | 1 Flash | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. | |||||
CVE-1999-0220 | 2024-02-04 | 10.0 HIGH | N/A | ||
Attackers can do a denial of service of IRC by crashing the server. | |||||
CVE-1999-0671 | 1 Toxsoft | 1 Nextftp | 2024-02-04 | 5.1 MEDIUM | N/A |
Buffer overflow in ToxSoft NextFTP client through CWD command. | |||||
CVE-2003-1246 | 1 Pedestal Software | 1 Integrity Protection Driver | 2024-02-04 | 2.1 LOW | N/A |
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. | |||||
CVE-2003-0469 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. | |||||
CVE-2000-0278 | 1 Saleslogix | 1 Corporation Eviewer | 2024-02-04 | 5.0 MEDIUM | N/A |
The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user. | |||||
CVE-1999-1432 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges. | |||||
CVE-1999-1567 | 1 Seapine Software | 1 Testtrack | 2024-02-04 | 5.0 MEDIUM | N/A |
Seapine Software TestTrack server allows a remote attacker to cause a denial of service (high CPU) via (1) TestTrackWeb.exe and (2) ttcgi.exe by connecting to port 99 and disconnecting without sending any data. | |||||
CVE-2004-1580 | 1 Devellion | 1 Cubecart | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
CVE-2003-0437 | 1 Mnogosearch | 1 Mnogosearch | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter. | |||||
CVE-2002-1456 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. | |||||
CVE-2004-1670 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2024-02-04 | 7.5 HIGH | N/A |
Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html. | |||||
CVE-1999-1265 | 1 Seatle Lab Software | 1 Slmail | 2024-02-04 | 5.0 MEDIUM | N/A |
SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO. | |||||
CVE-2002-1955 | 1 Iomega | 1 Nas | 2024-02-04 | 5.0 MEDIUM | N/A |
Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack. |