Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1248 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. | |||||
CVE-2001-0154 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. | |||||
CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2024-02-04 | 7.5 HIGH | N/A |
Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
CVE-1999-0512 | 2024-02-04 | 10.0 HIGH | N/A | ||
A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers. | |||||
CVE-2004-0998 | 1 Telnetd | 2 Telnetd, Telnetd-ssl | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code. | |||||
CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
CVE-2001-0101 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. | |||||
CVE-2002-1970 | 1 Snortcenter | 1 Snortcenter | 2024-02-04 | 2.1 LOW | N/A |
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers. | |||||
CVE-1999-1201 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. | |||||
CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2024-02-04 | 2.1 LOW | N/A |
The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | |||||
CVE-1999-1430 | 1 Royal | 1 Davinci | 2024-02-04 | 2.1 LOW | N/A |
PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access. | |||||
CVE-2004-1512 | 1 Soft3304 | 1 04webserver | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute arbitrary web script or HTML via script code in the URL, which is not quoted in the resulting default error page. | |||||
CVE-1999-0827 | 2 Microsoft, Netscape | 3 Ie, Internet Explorer, Navigator | 2024-02-04 | 2.6 LOW | N/A |
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | |||||
CVE-2003-1068 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. | |||||
CVE-1999-0884 | 1 Zeus Technologies | 1 Zeus Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Zeus web server administrative interface uses weak encryption for its passwords. | |||||
CVE-1999-1556 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 7.2 HIGH | N/A |
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. | |||||
CVE-2001-0968 | 1 Knox Software | 1 Arkeia | 2024-02-04 | 10.0 HIGH | N/A |
Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges. | |||||
CVE-2000-1115 | 1 Software602 | 1 602pro Lan Suite | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
CVE-2000-1044 | 1 Suse | 1 Suse Linux | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges. | |||||
CVE-1999-0003 | 5 Hp, Ibm, Sgi and 2 more | 6 Hp-ux, Aix, Irix and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). |