Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0133 | 1 Gnome | 1 Gtkhtml | 2024-02-04 | 5.0 MEDIUM | N/A |
GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. | |||||
CVE-2002-2173 | 1 Cerulean Studios | 1 Trillian | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message. | |||||
CVE-2001-1188 | 1 Brian Dorricott | 1 Mailto | 2024-02-04 | 7.5 HIGH | N/A |
mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields. | |||||
CVE-2002-0792 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2024-02-04 | 5.0 MEDIUM | N/A |
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | |||||
CVE-2001-0357 | 1 Matt Wright | 1 Formmail | 2024-02-04 | 7.5 HIGH | N/A |
FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters. | |||||
CVE-2004-0271 | 1 Maxwebportal | 1 Maxwebportal | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execute arbitrary web script as other users via (1) the sub_name parameter of dl_showall.asp, (2) the SendTo parameter in Personal Messages, (3) the HTTP_REFERER for down.asp, or (4) the image name of an Avatar in the register form. | |||||
CVE-1999-0912 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files. | |||||
CVE-2001-0586 | 1 Trend Micro | 1 Scanmail Exchange | 2024-02-04 | 4.6 MEDIUM | N/A |
TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords. | |||||
CVE-2004-0825 | 1 Apple | 1 Mac Os X Server | 2024-02-04 | 5.0 MEDIUM | N/A |
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | |||||
CVE-2001-0190 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). | |||||
CVE-2001-1255 | 2 Mysql, Oracle | 2 Winmysqladmin, Mysql | 2024-02-04 | 4.6 MEDIUM | N/A |
WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. | |||||
CVE-2002-1147 | 1 Hp | 1 Procurve Switch 4000m | 2024-02-04 | 7.1 HIGH | N/A |
The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program. | |||||
CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
CVE-2001-1056 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.5 HIGH | N/A |
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request. | |||||
CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2024-02-04 | 1.2 LOW | N/A |
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | |||||
CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 7.5 HIGH | N/A |
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
CVE-2003-0374 | 1 Nessus | 1 Nessus | 2024-02-04 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus." | |||||
CVE-2002-1397 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | |||||
CVE-2000-0258 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | |||||
CVE-2004-0041 | 1 Mod Auth Shadow | 1 Mod Auth Shadow | 2024-02-04 | 7.5 HIGH | N/A |
The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions. |