Total
254016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0131 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-02-04 | 3.3 LOW | N/A |
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0420 | 1 Way To The Web | 1 Talkback | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter. | |||||
CVE-2001-1435 | 1 Compaq | 1 Tru64 | 2024-02-04 | 5.0 MEDIUM | N/A |
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services. | |||||
CVE-2001-0228 | 1 Goahead Software | 1 Goahead Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request. | |||||
CVE-1999-0726 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.8 HIGH | N/A |
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. | |||||
CVE-2002-1287 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-04 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. | |||||
CVE-2002-0939 | 1 Ncipher | 1 Mscapi Csp | 2024-02-04 | 4.6 MEDIUM | N/A |
The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | |||||
CVE-2003-1440 | 1 Burton Computer Corporation | 1 Spamprobe | 2024-02-04 | 4.3 MEDIUM | N/A |
SpamProbe 0.8a allows remote attackers to cause a denial of service (crash) via HTML e-mail with newline characters within an href tag, which is not properly handled by certain regular expressions. | |||||
CVE-1999-0920 | 1 University Of Washington | 2 Imap, Pop2d | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command. | |||||
CVE-2003-1325 | 1 Valve Software | 1 Half-life Cstrike Dedicated Server | 2024-02-04 | 5.2 MEDIUM | N/A |
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734. | |||||
CVE-2002-2130 | 1 Gallery Project | 1 Gallery | 2024-02-04 | 7.5 HIGH | N/A |
publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-1999-0317 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Linux su command gives root access to local users. | |||||
CVE-1999-1254 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | |||||
CVE-2003-1404 | 1 Dotbr | 1 Botbr | 2024-02-04 | 7.5 HIGH | N/A |
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. | |||||
CVE-2000-1200 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | |||||
CVE-2002-1520 | 2 Rapidstream, Watchguard | 2 Rapidstream, Firebox | 2024-02-04 | 10.0 HIGH | N/A |
The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges. | |||||
CVE-2003-0582 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0504. Reason: This candidate is a duplicate of CVE-2003-0504. Notes: All CVE users should reference CVE-2003-0504 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-1999-1576 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method. | |||||
CVE-2002-0456 | 1 Qualcomm | 1 Eudora | 2024-02-04 | 5.0 MEDIUM | N/A |
Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
CVE-1999-0664 | 2024-02-04 | 10.0 HIGH | N/A | ||
An application-critical Windows NT registry key has inappropriate permissions. |