Total
254124 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1247 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. | |||||
| CVE-2002-0723 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag." | |||||
| CVE-2003-0409 | 1 Brs | 1 Webweaver | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request. | |||||
| CVE-2002-1597 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface. | |||||
| CVE-2002-0339 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. | |||||
| CVE-1999-0939 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in Debian IRC Epic/epic4 client via a long string. | |||||
| CVE-2002-2009 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
| Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. | |||||
| CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. | |||||
| CVE-2003-0127 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
| The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | |||||
| CVE-2000-1025 | 1 Unify | 1 Ewave Servletexec | 2024-02-04 | 5.0 MEDIUM | N/A |
| eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | |||||
| CVE-1999-1382 | 1 Novell | 1 Netware | 2024-02-04 | 7.2 HIGH | N/A |
| NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program. | |||||
| CVE-1999-0195 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |||||
| CVE-2003-0213 | 1 Poptop | 1 Pptp Server | 2024-02-04 | 7.5 HIGH | N/A |
| ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow. | |||||
| CVE-1999-1060 | 1 Tetrix | 1 Tetrinet | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname. | |||||
| CVE-2000-0780 | 1 Ipswitch | 1 Imail | 2024-02-04 | 6.4 MEDIUM | N/A |
| The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2004-1343 | 1 Cvs | 1 Cvs | 2024-02-04 | 5.0 MEDIUM | N/A |
| CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash). | |||||
| CVE-2002-2264 | 1 Hp | 1 Secure Web Server For Tru64 | 2024-02-04 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be certain. | |||||
| CVE-2000-0794 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. | |||||
| CVE-2002-0988 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. | |||||
| CVE-2004-2084 | 1 Jshop E-commerce | 2 Jshop Professional, Jshop Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. | |||||