Total
253987 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0322 | 1 Colten Edwards | 1 Bitchx | 2024-02-04 | 5.0 MEDIUM | N/A |
| Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash). | |||||
| CVE-2004-2171 | 1 Cherokee | 1 Cherokee Httpd | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page. | |||||
| CVE-2001-0841 | 1 Ikonboard.com | 1 Ikonboard | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie. | |||||
| CVE-2004-1756 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers. | |||||
| CVE-1999-0620 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NIS is running." | |||||
| CVE-2001-0155 | 1 Van Dyke Technologies | 1 Vshell | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. | |||||
| CVE-2000-0488 | 1 Ithouse | 1 Ithouse Mail Server | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command. | |||||
| CVE-2002-2376 | 1 Leung | 1 E-guest | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue might overlap CVE-2005-1605. | |||||
| CVE-2004-2120 | 1 Reptile Web Server | 1 Reptile Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET requests without the HTTP version. | |||||
| CVE-2003-0768 | 1 Microsoft | 1 Asp.net | 2024-02-04 | 6.8 MEDIUM | N/A |
| Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name. | |||||
| CVE-2002-1711 | 1 Basilix | 1 Basilix Webmail | 2024-02-04 | 2.1 LOW | N/A |
| BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments. | |||||
| CVE-2001-0405 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.5 HIGH | N/A |
| ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall. | |||||
| CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
| CVE-2001-0316 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
| Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. | |||||
| CVE-2003-1124 | 1 Sun | 1 Management\+center | 2024-02-04 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. | |||||
| CVE-2003-0760 | 1 Optisoft | 1 Blubster | 2024-02-04 | 5.0 MEDIUM | N/A |
| Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections to UDP port 701. | |||||
| CVE-2004-0572 | 1 Microsoft | 1 Grpconv | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe. | |||||
| CVE-2000-1158 | 1 Network Associates | 1 Sniffer Agent | 2024-02-04 | 7.5 HIGH | N/A |
| NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords. | |||||
| CVE-2003-0850 | 2 Dug Song, Rafal Wojtczuk | 2 Dsniff, Libnids | 2024-02-04 | 7.5 HIGH | N/A |
| The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | |||||
| CVE-1999-0859 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. | |||||