Total
254010 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2024-02-04 | 5.0 MEDIUM | N/A |
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | |||||
CVE-2002-1822 | 1 Ibm | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). | |||||
CVE-1999-1553 | 1 Xcmail | 1 Xcmail | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line. | |||||
CVE-2001-0403 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI. | |||||
CVE-2001-0599 | 1 Sybase | 1 Adaptive Server Anywhere | 2024-02-04 | 5.0 MEDIUM | N/A |
Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638. | |||||
CVE-2002-0733 | 1 Acme Labs | 1 Thttpd | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message. | |||||
CVE-2001-1121 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1084. Reason: This candidate is a duplicate of CVE-2001-1084. Notes: All CVE users should reference CVE-2001-1084 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2000-0727 | 1 Xpdf | 1 Xpdf | 2024-02-04 | 7.6 HIGH | N/A |
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters. | |||||
CVE-2002-0502 | 1 Citrix | 1 Nfuse | 2024-02-04 | 5.0 MEDIUM | N/A |
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | |||||
CVE-2004-0870 | 1 Kde | 1 Konqueror | 2024-02-04 | 5.0 MEDIUM | N/A |
KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||
CVE-1999-0244 | 1 Livingston | 1 Radius | 2024-02-04 | 7.5 HIGH | N/A |
Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root. | |||||
CVE-2002-0903 | 1 Woltlab | 1 Burning Board | 2024-02-04 | 7.5 HIGH | N/A |
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value. | |||||
CVE-2001-1060 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 7.5 HIGH | N/A |
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php. | |||||
CVE-2000-0642 | 1 Itafrica | 1 Webactive | 2024-02-04 | 5.0 MEDIUM | N/A |
The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. | |||||
CVE-2002-0572 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | |||||
CVE-2004-0607 | 3 Ipsec-tools, Kame, Redhat | 4 Ipsec-tools, Racoon, Enterprise Linux and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication. | |||||
CVE-2004-1762 | 1 F-secure | 1 F-secure Anti-virus | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV. | |||||
CVE-2002-0174 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file. | |||||
CVE-2003-0021 | 1 Michael Jennings | 1 Eterm | 2024-02-04 | 5.0 MEDIUM | N/A |
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | |||||
CVE-1999-0221 | 1 Lucent | 1 Ascend Routers | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service of Ascend routers through port 150 (remote administration). |