Total
253999 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1136 | 1 Hp | 1 Hp-ux | 2024-02-04 | 2.1 LOW | N/A |
| The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service. | |||||
| CVE-2002-2311 | 2 Microsoft, Opera Software | 2 Internet Explorer, Opera Web Browser | 2024-02-04 | 6.4 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. | |||||
| CVE-2000-0288 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
| Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. | |||||
| CVE-2004-0444 | 1 Symantec | 5 Client Firewall, Client Security, Norton Antispam and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components. | |||||
| CVE-1999-1434 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
| login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server. | |||||
| CVE-2000-1150 | 1 Xavier Ducrohet | 1 Felix | 2024-02-04 | 5.0 MEDIUM | N/A |
| Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-1999-1539 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password. | |||||
| CVE-2001-0920 | 1 Patrick Schemitz | 1 Autonice Daemon | 2024-02-04 | 6.2 MEDIUM | N/A |
| Format string vulnerability in auto nice daemon (AND) 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string. | |||||
| CVE-2002-0708 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to read arbitrary files via an HTTP request containing ... (triple dot) sequences. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2024-02-04 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2001-0184 | 1 Eeye Digital Security | 1 Iris | 2024-02-04 | 2.6 LOW | N/A |
| eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. | |||||
| CVE-2000-0214 | 1 Ftpx | 1 Ftp Explorer | 2024-02-04 | 4.6 MEDIUM | N/A |
| FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites. | |||||
| CVE-1999-1569 | 1 Id Software | 1 Quake | 2024-02-04 | 5.0 MEDIUM | N/A |
| Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit. | |||||
| CVE-2002-0231 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname. | |||||
| CVE-2002-1150 | 1 Microsoft | 1 Netmeeting | 2024-02-04 | 4.6 MEDIUM | N/A |
| The Remote Desktop Sharing (RDS) Screen Saver Protection capability for Microsoft NetMeeting 3.01 through SP2 (4.4.3396) allows attackers with physical access to hijack remote sessions by entering certain logoff or shutdown sequences (such as CTRL-ALT-DEL) and canceling out of the resulting user confirmation prompts, such as when the remote user is editing a document. | |||||
| CVE-2002-1461 | 1 Webscriptworld | 1 Web Shop Manager | 2024-02-04 | 7.5 HIGH | N/A |
| Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. | |||||
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. | |||||
| CVE-2001-0244 | 1 Microsoft | 1 Index Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter. | |||||
| CVE-2002-1640 | 1 Oracle | 1 Configurator | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet. | |||||
| CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
| Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | |||||