Total
253990 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2219 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | |||||
CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2024-02-04 | 7.5 HIGH | N/A |
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | |||||
CVE-2001-1240 | 1 Engardelinux | 1 Secure Linux | 2024-02-04 | 10.0 HIGH | N/A |
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access. | |||||
CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | |||||
CVE-2000-0880 | 1 Plus Technologies | 1 Lpplus | 2024-02-04 | 3.6 LOW | N/A |
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file. | |||||
CVE-1999-0938 | 1 University College London | 1 Sdr | 2024-02-04 | 7.5 HIGH | N/A |
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. | |||||
CVE-2000-0016 | 1 True North | 1 Internet Anywhere Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. | |||||
CVE-1999-0087 | 1 Ibm | 1 Aix | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | |||||
CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | |||||
CVE-2002-2333 | 1 Kde | 1 Kde | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
CVE-2004-0308 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell. | |||||
CVE-1999-0223 | 1 Sun | 1 Sunos | 2024-02-04 | 2.1 LOW | N/A |
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | |||||
CVE-2001-0074 | 1 Technote Inc | 1 Technote | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter. | |||||
CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2024-02-04 | 7.5 HIGH | N/A |
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | |||||
CVE-1999-0813 | 1 Infodrom | 1 Cfingerd | 2024-02-04 | 7.2 HIGH | N/A |
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. | |||||
CVE-2000-0357 | 1 Redhat | 1 Linux | 2024-02-04 | 7.5 HIGH | N/A |
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. | |||||
CVE-2001-0033 | 2 Kth, Netbsd | 2 Kth Kerberos, Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges. | |||||
CVE-2004-1321 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2024-02-04 | 7.5 HIGH | N/A |
The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access. | |||||
CVE-2002-1680 | 1 Cows | 1 Cgi Online Worldweb Shopping | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi. | |||||
CVE-1999-0976 | 1 Eric Allman | 1 Sendmail | 2024-02-04 | 2.1 LOW | N/A |
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail. |