Total
253921 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1097 | 1 Microsoft | 1 Netmeeting | 2024-02-04 | 6.4 MEDIUM | N/A |
Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty. | |||||
CVE-2003-0167 | 1 Mutt | 1 Mutt | 2024-02-04 | 7.5 HIGH | N/A |
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. | |||||
CVE-2004-2217 | 1 Ychat | 1 Ychat | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | |||||
CVE-2003-0222 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2024-02-04 | 9.0 HIGH | N/A |
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. | |||||
CVE-2003-0845 | 1 Jboss | 1 Jboss | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. | |||||
CVE-2002-1092 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2024-02-04 | 7.5 HIGH | N/A |
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. | |||||
CVE-2002-0285 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 7.5 HIGH | N/A |
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. | |||||
CVE-2001-0477 | 1 Webcalendar | 1 Webcalendar | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in WebCalendar 0.9.26 allows remote command execution. | |||||
CVE-1999-0718 | 1 Ibm | 1 Gina | 2024-02-04 | 6.2 MEDIUM | N/A |
IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key. | |||||
CVE-2004-0670 | 1 Zyxel | 1 Prestige | 2024-02-04 | 5.0 MEDIUM | N/A |
Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password. | |||||
CVE-2004-0523 | 4 Mit, Sgi, Sun and 1 more | 7 Kerberos, Kerberos 5, Propack and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | |||||
CVE-2002-1655 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. | |||||
CVE-2002-1735 | 1 Davin Mccall | 1 Dlogin | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors. | |||||
CVE-2001-1309 | 1 Ibm | 1 Secureway Directory | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2000-0650 | 1 Network Associates | 2 Netshield, Virusscan | 2024-02-04 | 2.1 LOW | N/A |
The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse. | |||||
CVE-2004-1788 | 1 Asp-nuke | 1 Asp-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb. | |||||
CVE-2001-1441 | 1 Ibm | 1 Visualage For Java | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. | |||||
CVE-2003-0658 | 2 Caldera, Sco | 4 Openlinux Server, Openlinux Workstation, Openserver and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. | |||||
CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
CVE-2002-1473 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. |