Total
253940 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1418 | 1 Apache | 1 Http Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). | |||||
| CVE-2001-0745 | 1 Netscape | 1 Messanger | 2024-02-04 | 5.0 MEDIUM | N/A |
| Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property. | |||||
| CVE-2001-0097 | 1 Infinite | 1 Infinite Interchange | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request. | |||||
| CVE-2001-1423 | 1 Advanced Poll | 1 Advanced Poll | 2024-02-04 | 7.5 HIGH | N/A |
| Advanced Poll before 1.61, when using a flat file database, allows remote attackers to gain privileges by setting the logged_in parameter. | |||||
| CVE-2000-0025 | 1 Microsoft | 3 Internet Information Server, Site Server, Site Server Commerce | 2024-02-04 | 5.0 MEDIUM | N/A |
| IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. | |||||
| CVE-2001-0507 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 7.2 HIGH | N/A |
| IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability. | |||||
| CVE-2002-1231 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 2.1 LOW | N/A |
| SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc. | |||||
| CVE-2002-2397 | 1 Symantec | 1 Sygate Personal Firewall | 2024-02-04 | 10.0 HIGH | N/A |
| Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0. | |||||
| CVE-2001-0300 | 1 Oracle | 1 Internet Directory | 2024-02-04 | 2.1 LOW | N/A |
| oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. | |||||
| CVE-2002-2016 | 1 User-mode Linux | 1 User-mode Linux | 2024-02-04 | 7.2 HIGH | N/A |
| User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code. | |||||
| CVE-2002-1007 | 1 Blackboard | 1 Blackboard | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi. | |||||
| CVE-2004-0567 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
| The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." | |||||
| CVE-2004-0403 | 1 Kame | 1 Racoon | 2024-02-04 | 5.0 MEDIUM | N/A |
| Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | |||||
| CVE-1999-0089 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in AIX libDtSvc library can allow local users to gain root access. | |||||
| CVE-2004-0148 | 2 Sgi, Washington University | 2 Propack, Wu-ftpd | 2024-02-04 | 7.2 HIGH | N/A |
| wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | |||||
| CVE-2000-0420 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.2 HIGH | N/A |
| The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. | |||||
| CVE-2001-1072 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail. | |||||
| CVE-1999-1520 | 1 Microsoft | 1 Site Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. | |||||
| CVE-2002-1242 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php. | |||||
| CVE-2001-1468 | 1 Secure Reality | 1 Phpsecurepages | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code. | |||||