Total
253993 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0649 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 2.6 LOW | N/A |
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined. | |||||
CVE-2002-0872 | 1 L2tpd | 1 L2tpd | 2024-02-04 | 7.5 HIGH | N/A |
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions. | |||||
CVE-2002-2055 | 1 Teekai | 1 Teekai Tracking Online | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
CVE-1999-0653 | 2024-02-04 | 10.0 HIGH | N/A | ||
A component service related to NIS+ is running. | |||||
CVE-2002-1573 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling." | |||||
CVE-2004-0687 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
CVE-1999-1570 | 1 Caldera | 1 Openserver | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. | |||||
CVE-2000-0564 | 1 Mirabilis | 1 Icq | 2024-02-04 | 5.0 MEDIUM | N/A |
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | |||||
CVE-2004-0786 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool. | |||||
CVE-2000-0935 | 1 Samba | 1 Samba | 2024-02-04 | 7.2 HIGH | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | |||||
CVE-1999-0227 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. | |||||
CVE-2002-2388 | 1 Inweb | 1 Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command. | |||||
CVE-2002-0106 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name. | |||||
CVE-2004-1977 | 1 3com | 1 Webbngss3nbxnts | 2024-02-04 | 5.0 MEDIUM | N/A |
3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service (crash) via a Nessus scan in safeChecks mode. | |||||
CVE-2004-0159 | 1 Samhain Labs | 1 Hsftp | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command. | |||||
CVE-2003-0853 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | |||||
CVE-1999-0903 | 1 Ibm | 1 Aix | 2024-02-04 | 7.5 HIGH | N/A |
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. | |||||
CVE-2001-1329 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument. | |||||
CVE-2002-1798 | 1 Midicart | 3 Midicart Php, Midicart Php Maxi, Midicart Php Plus | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. | |||||
CVE-2000-1209 | 2 Compaq, Microsoft | 4 Insight Manager, Insight Manager Xe, Data Engine and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida. |