Total
253993 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0626 | 1 Oreilly | 1 Website Professional | 2024-02-04 | 7.5 HIGH | N/A |
O'Reilly Website Professional 2.5.4 and earlier allows remote attackers to determine the physical path to the root directory via a URL request containing a ":" character. | |||||
CVE-2002-1400 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string. | |||||
CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
CVE-2000-0660 | 1 Alt-n | 1 Worldclient | 2024-02-04 | 5.0 MEDIUM | N/A |
The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2000-0134 | 1 Adgrafix Corporation | 1 Check It Out | 2024-02-04 | 7.5 HIGH | N/A |
The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2002-0101 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released. | |||||
CVE-2004-1366 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2024-02-04 | 4.6 MEDIUM | N/A |
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges. | |||||
CVE-2000-0932 | 1 Clearswift | 1 Mailsweeper For Smtp | 2024-02-04 | 5.0 MEDIUM | N/A |
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service. | |||||
CVE-2003-1304 | 1 Early Impact | 1 Productcart | 2024-02-04 | 5.0 MEDIUM | N/A |
EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. | |||||
CVE-2003-1247 | 1 Positive Software | 1 H-sphere | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist. | |||||
CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | |||||
CVE-2003-0239 | 1 Mirabilis | 1 Icq | 2024-02-04 | 5.0 MEDIUM | N/A |
icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. | |||||
CVE-2003-0238 | 1 Mirabilis | 1 Icq | 2024-02-04 | 5.0 MEDIUM | N/A |
The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag. | |||||
CVE-2000-0837 | 1 Deerfield | 1 Ftp Serv-u | 2024-02-04 | 5.0 MEDIUM | N/A |
FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes. | |||||
CVE-2002-1646 | 1 Ssh | 1 Secure Shell For Servers | 2024-02-04 | 7.5 HIGH | N/A |
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server. | |||||
CVE-2000-0659 | 1 Analogx | 1 Proxy | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. | |||||
CVE-2000-0760 | 1 Apache | 1 Tomcat | 2024-02-04 | 6.4 MEDIUM | N/A |
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | |||||
CVE-2001-1275 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.2 HIGH | N/A |
MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. | |||||
CVE-2003-0104 | 1 Peoplesoft | 1 Peopletools | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. | |||||
CVE-2004-0997 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. |