Total
253847 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0476 | 1 Sco | 1 Openserver | 2024-02-04 | 7.2 HIGH | N/A |
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. | |||||
CVE-2004-1624 | 1 Altiris | 1 Carbon Copy | 2024-02-04 | 7.2 HIGH | N/A |
Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe). | |||||
CVE-2003-0928 | 1 Clearswift | 1 Mailsweeper | 2024-02-04 | 7.5 HIGH | N/A |
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy. | |||||
CVE-2003-1283 | 1 Kazaa | 1 Kazaa Media Desktop | 2024-02-04 | 7.5 HIGH | N/A |
KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code. | |||||
CVE-2003-0176 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. | |||||
CVE-2000-0138 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft. | |||||
CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2024-02-04 | 5.1 MEDIUM | N/A |
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | |||||
CVE-2002-2247 | 1 Mambo | 1 Mambo Site Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function. | |||||
CVE-2000-0061 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 10.0 HIGH | N/A |
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading. | |||||
CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
CVE-2004-0109 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. | |||||
CVE-2004-0353 | 1 Gnu | 1 Anubis | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | |||||
CVE-2003-0863 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications. | |||||
CVE-1999-0521 | 2024-02-04 | 7.2 HIGH | N/A | ||
An NIS domain name is easily guessable. | |||||
CVE-2001-0160 | 2 Lucent, Orinoco | 2 Wavelan, Orinoco Wavelan | 2024-02-04 | 5.0 MEDIUM | N/A |
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will let them decrypt messages. | |||||
CVE-2001-0797 | 5 Hp, Ibm, Sco and 2 more | 6 Hp-ux, Aix, Openserver and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | |||||
CVE-2000-0870 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string. | |||||
CVE-2003-1223 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Node Manager for BEA WebLogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (Node Manager crash) via malformed data to the Node Manager's port, as demonstrated by nmap. | |||||
CVE-2002-0602 | 1 Snapgear | 1 Snapgear Lite\+ Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to cause a denial of service (crash) via a large number of connections to (1) the HTTP web management port, or (2) the PPTP port. | |||||
CVE-2004-0289 | 1 Paul L Daniels | 1 Signaturedb | 2024-02-04 | 2.1 LOW | N/A |
Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service (segmentation fault) via a database file that contains a large key parameter. |