Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | |||||
CVE-2001-0620 | 1 Iplanet | 1 Calendar Server | 2024-02-04 | 2.1 LOW | N/A |
iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions. | |||||
CVE-2001-0847 | 1 Lotus | 1 Domino Web Server | 2024-02-04 | 7.5 HIGH | N/A |
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID. | |||||
CVE-2004-1458 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2024-02-04 | 5.0 MEDIUM | N/A |
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002. | |||||
CVE-2003-0490 | 1 Dantz | 1 Retrospect Client | 2024-02-04 | 7.2 HIGH | N/A |
The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, and possibly other versions, creates critical directories and files with world-writable permissions, which allows local users to gain privileges as other users by replacing programs with malicious code. | |||||
CVE-1999-1040 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable. | |||||
CVE-2004-1146 | 1 Cvstrac | 1 Cvstrac | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script. | |||||
CVE-2002-1083 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences. | |||||
CVE-2004-0405 | 1 Cvs | 1 Cvs | 2024-02-04 | 5.0 MEDIUM | N/A |
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180. | |||||
CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 5.0 MEDIUM | N/A |
The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | |||||
CVE-2004-0550 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. | |||||
CVE-2003-0880 | 1 Apple | 1 Mac Os X | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences. | |||||
CVE-2003-0697 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. | |||||
CVE-2002-0046 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | |||||
CVE-1999-0630 | 2024-02-04 | 10.0 HIGH | N/A | ||
The NT Alerter and Messenger services are running. | |||||
CVE-2004-1834 | 1 Apache | 1 Http Server | 2024-02-04 | 2.1 LOW | N/A |
mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information. | |||||
CVE-2003-0421 | 1 Apple | 1 Darwin Streaming Server | 2024-02-04 | 10.0 HIGH | N/A |
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0502. | |||||
CVE-2002-2248 | 1 Netscape | 1 Communicator | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | |||||
CVE-2003-0417 | 1 Super-m | 1 Son Hserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files via ".|." (modified dot-dot) sequences. | |||||
CVE-2000-0604 | 1 Redhat | 1 Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp. |