Total
253993 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0947 | 1 Oracle | 2 Application Server, Reports | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter. | |||||
CVE-1999-0465 | | | 2024-02-04 | 10.0 HIGH | N/A |
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. | |||||
CVE-2002-1692 | 1 Microsoft | 1 Windows 95 | 2024-02-04 | 3.6 LOW | N/A |
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up. | |||||
CVE-2000-1190 | 1 Jon Atkins | 1 Imwheel | 2024-02-04 | 2.1 LOW | N/A |
imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file. | |||||
CVE-2002-2100 | 1 Microsoft | 1 Outlook | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Outlook 2002 allows remote attackers to bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content. | |||||
CVE-1999-1291 | 1 Microsoft | 2 Windows 95, Windows NT | 2024-02-04 | 5.0 MEDIUM | N/A |
TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | |||||
CVE-2002-0699 | 1 Microsoft | 6 Windows 2000, Windows 98, Windows 98SE and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to delete digital certificates on a user's system via HTML. | |||||
CVE-2004-1389 | 1 Veritas | 1 NetBackup | 2024-02-04 | 6.0 MEDIUM | N/A |
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature. | |||||
CVE-2004-2100 | 1 Geovision | 1 GeoHttpServer | 2024-02-04 | 5.0 MEDIUM | N/A |
GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | |||||
CVE-2001-0365 | 1 Qualcomm | 1 Eudora | 2024-02-04 | 7.5 HIGH | N/A |
Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing JavaScript, with ActiveX controls and malicious code within IMG tags. | |||||
CVE-2002-1548 | 1 IBM | 1 AIX | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called." | |||||
CVE-2002-0412 | 1 Luca Deri | 1 Ntop | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication. | |||||
CVE-2003-1284 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe. | |||||
CVE-2003-0518 | 1 Apple | 2 Mac OS X, Mac OS X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. | |||||
CVE-2002-0193 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability. | |||||
CVE-2001-1474 | 1 SSH | 1 SSH | 2024-02-04 | 5.0 MEDIUM | N/A |
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache. | |||||
CVE-2004-0652 | 1 BEA | 1 WebLogic Server | 2024-02-04 | 7.2 HIGH | N/A |
BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allow attackers to obtain the username and password for booting the server by directly accessing certain internal methods. | |||||
CVE-2001-1266 | 1 Doug Neal | 1 DNHTTPD | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'. | |||||
CVE-2001-0876 | 1 Microsoft | 4 Windows 98, Windows 98SE, Windows ME and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | |||||
CVE-1999-1467 | 1 Sun | 1 SunOS | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. |