Total
253946 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1376 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. | |||||
CVE-1999-1062 | 1 Hp | 1 Jetdirect | 2024-02-04 | 7.5 HIGH | N/A |
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. | |||||
CVE-2002-0374 | 1 Padl Software | 1 Pam Ldap | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. | |||||
CVE-1999-0702 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 10.0 HIGH | N/A |
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability. | |||||
CVE-2002-2031 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results. | |||||
CVE-1999-0335 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2001-1558 | 1 Snort | 1 Snort | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a denial of service (crash). | |||||
CVE-2002-0223 | 2 Infopop, Wired Community Software | 2 Ultimate Bulletin Board, Wwwthreads | 2024-02-04 | 7.5 HIGH | N/A |
Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension. | |||||
CVE-2005-1247 | 1 Novell | 1 Nsure Audit | 2024-02-04 | 5.0 MEDIUM | N/A |
webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability. | |||||
CVE-2000-0599 | 1 Imesh.com | 1 Imesh | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port. | |||||
CVE-2004-0744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | |||||
CVE-1999-0367 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
NetBSD netstat command allows local users to access kernel memory. | |||||
CVE-2003-1388 | 1 Opera | 1 Opera Browser | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | |||||
CVE-2004-2235 | 1 Moodle | 1 Moodle | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | |||||
CVE-2000-0464 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.6 HIGH | N/A |
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. | |||||
CVE-2004-1656 | 1 Comersus Open Technologies | 1 Comersus Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter. | |||||
CVE-1999-1515 | 1 Tenfour | 1 Tfs Gateway | 2024-02-04 | 5.0 MEDIUM | N/A |
A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to continuously try to return the message every 10 seconds. | |||||
CVE-2001-1513 | 1 Macromedia | 1 Jrun | 2024-02-04 | 7.5 HIGH | N/A |
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx. | |||||
CVE-2003-0573 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. | |||||
CVE-2002-0017 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request. |