Total
254074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0870 | 1 Opera | 1 Opera Browser | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name. | |||||
| CVE-1999-1307 | 1 Novell | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | |||||
| CVE-2002-2153 | 1 Oracle | 1 Application Server | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code. | |||||
| CVE-2003-0415 | 1 Access-remote-pc.com | 1 Remote Pc Access | 2024-02-04 | 5.0 MEDIUM | N/A |
| Remote PC Access Server 2.2 allows remote attackers to cause a denial of service (crash) by receiving packets from the server and sending them back to the server. | |||||
| CVE-2000-0630 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
| IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. | |||||
| CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2024-02-04 | 5.0 MEDIUM | N/A |
| Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
| CVE-1999-1346 | 1 Redhat | 1 Linux | 2024-02-04 | 7.5 HIGH | N/A |
| PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. | |||||
| CVE-2004-1900 | 1 Pan Vision | 1 I.g.i-2 Covert Strike | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in RCON commands. | |||||
| CVE-1999-0263 | 1 Sun | 1 Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
| Solaris SUNWadmap can be exploited to obtain root access. | |||||
| CVE-2002-2207 | 1 Eric Rescorla | 1 Ssldump | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret. | |||||
| CVE-1999-0387 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-04 | 7.8 HIGH | N/A |
| A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords. | |||||
| CVE-2000-0458 | 1 Imp | 1 Imp | 2024-02-04 | 2.1 LOW | N/A |
| The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. | |||||
| CVE-1999-1184 | 1 Elm Development Group | 1 Elm | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable. | |||||
| CVE-2001-1039 | 1 Hp | 1 Jetadmin | 2024-02-04 | 7.5 HIGH | N/A |
| The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer. | |||||
| CVE-2002-0261 | 1 Instantservers Inc. | 1 Miniportal | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command. | |||||
| CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2024-02-04 | 2.1 LOW | N/A |
| PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | |||||
| CVE-2004-2020 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x through 7.3 allow remote attackers to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) date parameter in the Statistics module, (3) year, month, and month_1 parameters in the Stories_Archive module, (4) mode, order, and thold parameters in the Surveys module, or (5) a SQL statement to index.php, as processed by mainfile.php. | |||||
| CVE-2003-0631 | 1 Vmware | 2 Gsx Server, Workstation | 2024-02-04 | 7.2 HIGH | N/A |
| VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | |||||
| CVE-2001-1431 | 2 Checkpoint, Nokia | 3 Firewall-1, Vpn-1, Firewall Appliance | 2024-02-04 | 5.0 MEDIUM | N/A |
| Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information. | |||||
| CVE-2003-0240 | 1 Axis | 9 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 6 more | 2024-02-04 | 10.0 HIGH | N/A |
| The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash). | |||||