Total
253930 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1537 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL. | |||||
CVE-2001-1547 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 7.5 HIGH | N/A |
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code. | |||||
CVE-2004-0134 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. | |||||
CVE-2001-0660 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list (GAL). | |||||
CVE-2002-1812 | 1 Gdam | 1 Gdam | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter. | |||||
CVE-2002-0779 | 1 Novell | 1 Bordermanager | 2024-02-04 | 5.0 MEDIUM | N/A |
FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data. | |||||
CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2024-02-04 | 5.0 MEDIUM | N/A |
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
CVE-2000-0829 | 1 Redhat | 2 Linux, Tmpwatch | 2024-02-04 | 2.1 LOW | N/A |
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/. | |||||
CVE-2002-0164 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges. | |||||
CVE-2000-0512 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service. | |||||
CVE-2004-0654 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). | |||||
CVE-2002-2116 | 1 Netgear | 2 Rm356, Rt338 | 2024-02-04 | 5.0 MEDIUM | N/A |
Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap. | |||||
CVE-2001-0615 | 1 Faust Informatics | 1 Freestyle Chat | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a '..' (dot dot) attack such as '...' or '....'. | |||||
CVE-1999-1562 | 1 Gftp | 1 Ftp Client | 2024-02-04 | 4.6 MEDIUM | N/A |
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. | |||||
CVE-2002-2322 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-04 | 5.0 MEDIUM | N/A |
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords. | |||||
CVE-1999-0655 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities." | |||||
CVE-2003-1172 | 1 Apache | 1 Cocoon | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter. | |||||
CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2024-02-04 | 5.0 MEDIUM | N/A |
ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | |||||
CVE-2003-1551 | 1 Novell | 1 Groupwise | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script." | |||||
CVE-2004-1865 | 1 Bblog | 1 Bblog | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other means, e.g. through Smarty templates, then this issue would not give any additional privileges, and thus would not be considered a vulnerability. |