Total
253869 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1206 | 1 Systemsoft | 1 Systemwizard | 2024-02-04 | 7.5 HIGH | N/A |
SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control. | |||||
CVE-2004-1200 | 1 Mozilla | 1 Firefox | 2024-02-04 | 5.0 MEDIUM | N/A |
Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | |||||
CVE-2004-2176 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 4.6 MEDIUM | N/A |
The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls. | |||||
CVE-1999-0047 | 3 Bsdi, Caldera, Eric Allman | 3 Bsd Os, Openlinux, Sendmail | 2024-02-04 | 10.0 HIGH | N/A |
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | |||||
CVE-2004-0222 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 3.6 LOW | N/A |
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | |||||
CVE-2002-0567 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2024-02-04 | 7.5 HIGH | N/A |
Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. | |||||
CVE-1999-0238 | 1 Php | 1 Php | 2024-02-04 | 10.0 HIGH | N/A |
php.cgi allows attackers to read any file on the system. | |||||
CVE-1999-1504 | 1 Stalker | 1 Stalker Internet Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
CVE-2003-1226 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 2.1 LOW | N/A |
BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. | |||||
CVE-1999-1133 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. | |||||
CVE-2004-0708 | 1 Moinmoin | 1 Moinmoin | 2024-02-04 | 7.5 HIGH | N/A |
MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges. | |||||
CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2024-02-04 | 3.6 LOW | N/A |
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||||
CVE-2004-0696 | 1 4d | 1 Webstar | 2024-02-04 | 5.0 MEDIUM | N/A |
The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. | |||||
CVE-2000-0605 | 1 Blackboard | 1 Courseinfo | 2024-02-04 | 2.1 LOW | N/A |
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords. | |||||
CVE-2001-0055 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2024-02-04 | 5.0 MEDIUM | N/A |
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. | |||||
CVE-1999-1354 | 1 Softarc | 1 Firstclass Internet Server | 2024-02-04 | 4.6 MEDIUM | N/A |
E-mail client in Softarc FirstClass Internet Server 5.506 and earlier stores usernames and passwords in cleartext in the files (1) home.fc for version 5.506, (2) network.fc for version 3.5, or (3) FCCLIENT.LOG when logging is enabled. | |||||
CVE-2001-1030 | 6 Caldera, Immunix, Mandrakesoft and 3 more | 8 Openlinux Server, Immunix, Mandrake Linux and 5 more | 2024-02-04 | 7.5 HIGH | N/A |
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. | |||||
CVE-2001-0269 | 1 Sun | 1 Sunos | 2024-02-04 | 10.0 HIGH | N/A |
pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password. | |||||
CVE-1999-1336 | 1 3com | 1 Hiperarc | 2024-02-04 | 5.0 MEDIUM | N/A |
3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port. |