Total
254124 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0366 | 1 Lysator | 1 Lyskom-server | 2024-02-04 | 5.0 MEDIUM | N/A |
| lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query. | |||||
| CVE-1999-1290 | 1 Chris Matthee | 1 Nftp | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string. | |||||
| CVE-2003-0131 | 1 Openssl | 1 Openssl | 2024-02-04 | 7.5 HIGH | N/A |
| The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack." | |||||
| CVE-1999-0133 | 1 Adobe | 1 Framemaker | 2024-02-04 | 2.1 LOW | N/A |
| fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. | |||||
| CVE-1999-1261 | 1 Metamail Corporation | 1 Metamail | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. | |||||
| CVE-1999-0661 | 2024-02-04 | 10.0 HIGH | N/A | ||
| A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6. | |||||
| CVE-2000-0709 | 1 Microsoft | 1 Frontpage | 2024-02-04 | 5.0 MEDIUM | N/A |
| The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name. | |||||
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | |||||
| CVE-1999-0488 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. | |||||
| CVE-2002-1912 | 1 Skystream | 1 Emr5000 | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets. | |||||
| CVE-2002-2342 | 1 Joe Depasquale | 1 Bannermatic | 2024-02-04 | 5.0 MEDIUM | N/A |
| Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files. | |||||
| CVE-2004-0574 | 1 Microsoft | 4 Exchange Server, Windows 2000, Windows Nt and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
| The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. | |||||
| CVE-2002-1472 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | |||||
| CVE-2002-1510 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 10.0 HIGH | N/A |
| xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | |||||
| CVE-2001-1410 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering. | |||||
| CVE-2004-0175 | 1 Openbsd | 1 Openssh | 2024-02-04 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. | |||||
| CVE-2002-1790 | 1 Microsoft | 3 Exchange Server, Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
| The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. | |||||
| CVE-2002-1420 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 7.2 HIGH | N/A |
| Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. | |||||
| CVE-2003-0086 | 1 Samba | 1 Samba | 2024-02-04 | 1.2 LOW | N/A |
| The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | |||||
| CVE-2002-0149 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names. | |||||