Total
254033 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0265 | 1 Sawmill | 1 Sawmill | 2024-02-04 | 4.6 MEDIUM | N/A |
Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file. | |||||
CVE-2002-1140 | 1 Microsoft | 1 Services | 2024-02-04 | 5.0 MEDIUM | N/A |
The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service (service hang) via malformed packet fragments, aka "Improper parameter size check leading to denial of service." | |||||
CVE-2000-0543 | 1 Pgp | 1 Certificate Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. | |||||
CVE-2000-0085 | 1 Microsoft | 1 Hotmail | 2024-02-04 | 7.5 HIGH | N/A |
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | |||||
CVE-2000-0695 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options. | |||||
CVE-2002-0297 | 1 Nombas | 1 Scriptease Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. | |||||
CVE-1999-0208 | 3 Ibm, Nec, Sgi | 5 Aix, Asl Ux 4800, Ews-ux V and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||||
CVE-2002-1357 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2000-0976 | 1 Xfree86 Project | 1 Xlib | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter. | |||||
CVE-2004-2194 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2024-02-04 | 5.0 MEDIUM | N/A |
MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. | |||||
CVE-2001-0697 | 1 Netwin | 1 Surgeftp | 2024-02-04 | 5.0 MEDIUM | N/A |
NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command. | |||||
CVE-2002-1251 | 1 Log2mail | 1 Log2mail | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. | |||||
CVE-2003-0203 | 2 Moxftp, Xftp | 2 Moxftp, Xftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. | |||||
CVE-2001-0589 | 1 Juniper | 1 Netscreen Screenos | 2024-02-04 | 2.1 LOW | N/A |
NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns. | |||||
CVE-2004-1390 | 1 Qnx | 2 Rtos, Rtp | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remote_mac, or (12) local_mac flags. | |||||
CVE-2001-1096 | 1 Ibm | 1 Aix | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. | |||||
CVE-2004-2192 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | |||||
CVE-2002-0619 | 1 Microsoft | 1 Office | 2024-02-04 | 7.5 HIGH | N/A |
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" (CVE-2000-0788). | |||||
CVE-1999-0511 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
IP forwarding is enabled on a machine which is not a router or firewall. | |||||
CVE-2002-2142 | 1 Bea | 2 Weblogic Integration, Weblogic Server | 2024-02-04 | 7.5 HIGH | N/A |
An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension. |