Total
254009 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0090 | 1 Vmware | 1 Workstation | 2024-02-04 | 3.6 LOW | N/A |
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | |||||
CVE-2002-1639 | 1 Oracle | 1 Configurator | 2024-02-04 | 7.5 HIGH | N/A |
Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host". | |||||
CVE-2002-2154 | 1 Monkey-project | 1 Monkey | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences. | |||||
CVE-2004-0782 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2024-02-04 | 7.5 HIGH | N/A |
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). | |||||
CVE-2002-0327 | 1 Century Software | 1 Term | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | |||||
CVE-2003-1027 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 10.0 HIGH | N/A |
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." | |||||
CVE-1999-1386 | 1 Perl | 1 Perl | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. | |||||
CVE-2000-1231 | 1 Phorum | 1 Phorum | 2024-02-04 | 5.0 MEDIUM | N/A |
code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string. | |||||
CVE-2001-1539 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem. | |||||
CVE-1999-0677 | 1 Ramp Networks | 2 Webramp 200i, Webramp M3 | 2024-02-04 | 7.5 HIGH | N/A |
The WebRamp web administration utility has a default password. | |||||
CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 7.2 HIGH | N/A |
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | |||||
CVE-2000-0869 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | |||||
CVE-2001-0612 | 1 Mcafee | 1 Remote Desktop 32 | 2024-02-04 | 5.0 MEDIUM | N/A |
McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | |||||
CVE-2003-0338 | 1 Wsmp3 | 2 Wsmp3 Daemon, Wsmp3 Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. | |||||
CVE-1999-1544 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. | |||||
CVE-2001-0775 | 2 Xli, Xloadimage | 2 Xli, Xloadimage | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field. | |||||
CVE-2002-0913 | 1 Stephen Hebditch | 1 Slurp | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response. | |||||
CVE-1999-0102 | 1 Seattle Lab Software | 1 Slmail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. | |||||
CVE-2004-1088 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. | |||||
CVE-2000-0531 | 2 Caldera, Redhat | 3 Openlinux, Openlinux Eserver, Linux | 2024-02-04 | 2.1 LOW | N/A |
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. |