Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1521 | 1 Computalynx | 1 Cmail | 2024-02-04 | 10.0 HIGH | N/A |
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server. | |||||
CVE-2004-0076 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was removed from consideration by its Candidate Numbering Authority. Notes: none. | |||||
CVE-2000-0591 | 1 Novell | 1 Bordermanager | 2024-02-04 | 5.0 MEDIUM | N/A |
Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL. | |||||
CVE-2003-0485 | 1 Progress | 1 4gl Compiler | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type. | |||||
CVE-2003-1347 | 1 Geeklog | 1 Geeklog | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field. | |||||
CVE-2002-1675 | 1 Unreal | 1 Unrealircd | 2024-02-04 | 6.4 MEDIUM | N/A |
Format string vulnerability in the Cio_PrintF function of cio_main.c in Unreal IRCd 3.1.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers. | |||||
CVE-2000-0402 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 2.1 LOW | N/A |
The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | |||||
CVE-2000-0472 | 1 Isc | 1 Inn | 2024-02-04 | 3.6 LOW | N/A |
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | |||||
CVE-2001-0427 | 1 Cisco | 6 Vpn 3000 Concentrator, Vpn 3005 Concentrator, Vpn 3015 Concentrator and 3 more | 2024-02-04 | 7.1 HIGH | N/A |
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | |||||
CVE-2004-2014 | 1 Gnu | 1 Wget | 2024-02-04 | 2.6 LOW | N/A |
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | |||||
CVE-1999-1077 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. | |||||
CVE-2001-0246 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2024-02-04 | 5.0 MEDIUM | N/A |
IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
CVE-2002-0276 | 1 Ettercap | 1 Ettercap | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets. | |||||
CVE-2003-0135 | 1 Redhat | 1 Linux | 2024-02-04 | 7.5 HIGH | N/A |
vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. | |||||
CVE-2002-0802 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.5 HIGH | N/A |
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks. | |||||
CVE-2005-0189 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | |||||
CVE-2004-1517 | 1 Zonelabs | 1 Imsecure | 2024-02-04 | 7.5 HIGH | N/A |
Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions. | |||||
CVE-2002-2402 | 1 Surecom | 1 Ep-4501 | 2024-02-04 | 10.0 HIGH | N/A |
SURECOM broadband router EP-4501 uses a default SNMP read community string of "public" and a default SNMP read/write community string of "secret," which allows remote attackers to read and modify router configuration information. | |||||
CVE-2002-1671 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. |