Total
254104 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0391 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. | |||||
| CVE-2002-0410 | 1 Aeromail | 1 Aeromail | 2024-02-04 | 5.0 MEDIUM | N/A |
| send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded. | |||||
| CVE-2003-0983 | 1 Cisco | 2 80-7111-01 For The Unity-svrx255-1a, 80-7112-01 For The Unity-svrx255-2a | 2024-02-04 | 7.5 HIGH | N/A |
| Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. | |||||
| CVE-2003-1017 | 1 Macromedia | 2 Director, Flash Player | 2024-02-04 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names. | |||||
| CVE-1999-0443 | 1 Bmc | 1 Patrol Agent | 2024-02-04 | 10.0 HIGH | N/A |
| Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password. | |||||
| CVE-2003-1501 | 1 Gast Arbeiter | 1 Gast Arbeiter | 2024-02-04 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attackers to write arbitrary files via a .. (dot dot) in the req_file parameter. | |||||
| CVE-2003-1148 | 1 Les Visiteurs | 1 Les Visiteurs | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. | |||||
| CVE-2002-0586 | 1 Aol | 1 Aol Server | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters. | |||||
| CVE-2000-0570 | 1 Centrinity | 1 Firstclass Intranet Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header. | |||||
| CVE-2004-1451 | 1 Mozilla | 1 Mozilla | 2024-02-04 | 2.6 LOW | N/A |
| Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. | |||||
| CVE-2003-1115 | 1 Nortel | 1 Succession Communication Server 2000 | 2024-02-04 | 7.5 HIGH | N/A |
| The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
| CVE-1999-0035 | 2 Gnu, Sgi | 2 Inet, Irix | 2024-02-04 | 5.1 MEDIUM | N/A |
| Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | |||||
| CVE-1999-1325 | 1 Vax Vms | 1 Sas System | 2024-02-04 | 7.2 HIGH | N/A |
| SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges. | |||||
| CVE-2004-0362 | 1 Iss | 11 Blackice Agent Server, Blackice Pc Protection, Blackice Server Protection and 8 more | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm. | |||||
| CVE-2002-0217 | 1 Xoops | 1 Xoops | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php. | |||||
| CVE-2001-0367 | 1 Mirabilis | 1 Icq | 2024-02-04 | 5.0 MEDIUM | N/A |
| Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters. | |||||
| CVE-2004-0171 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | |||||
| CVE-2004-1768 | 1 Symantec | 1 Brightmail Antispam | 2024-02-04 | 5.0 MEDIUM | N/A |
| The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters. | |||||
| CVE-2003-0825 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2024-02-04 | 9.3 HIGH | N/A |
| The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-1999-0034 | 4 Bsdi, Larry Wall, Redhat and 1 more | 4 Bsd Os, Perl, Linux and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. | |||||