Total
254124 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1047 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | |||||
| CVE-2000-0018 | 1 Windowmaker | 1 Wmmon | 2024-02-04 | 7.2 HIGH | N/A |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | |||||
| CVE-1999-0072 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in AIX xdat gives root access to local users. | |||||
| CVE-2002-0213 | 2 Sgi, Xinet | 2 Irix, K-ashare | 2024-02-04 | 2.1 LOW | N/A |
| xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | |||||
| CVE-2002-0460 | 1 Bitvise | 1 Winsshd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of incomplete connections that are not properly terminated, which are not properly freed by SSHd. | |||||
| CVE-2003-0964 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: N/A. Notes: none. | |||||
| CVE-2000-0485 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 2.1 LOW | N/A |
| Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. | |||||
| CVE-2003-0904 | 1 Microsoft | 3 Exchange Server, Sharepoint Services, Windows Server 2003 | 2024-02-04 | 6.0 MEDIUM | N/A |
| Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. | |||||
| CVE-2001-1298 | 1 Grant Horwood | 1 Webodex | 2024-02-04 | 5.0 MEDIUM | N/A |
| Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2004-1541 | 1 Van Dyke Technologies | 1 Securecrt | 2024-02-04 | 7.5 HIGH | N/A |
| SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share. | |||||
| CVE-2001-1041 | 1 Oracle | 1 Database Server | 2024-02-04 | 2.1 LOW | N/A |
| oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable. | |||||
| CVE-2001-1375 | 2 Conectiva, Redhat | 2 Linux, Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
| tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. | |||||
| CVE-2003-1029 | 1 Lbl | 1 Tcpdump | 2024-02-04 | 5.0 MEDIUM | N/A |
| The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. | |||||
| CVE-2002-1562 | 1 Acme Labs | 1 Thttpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header. | |||||
| CVE-1999-0873 | 1 Sky Communications | 1 Skyfull | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Skyfull mail server via MAIL FROM command. | |||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | |||||
| CVE-2002-0520 | 1 Asp-nuke | 1 Asp-nuke | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag. | |||||
| CVE-2003-1344 | 1 Trend Micro | 1 Virus Control System | 2024-02-04 | 5.0 MEDIUM | N/A |
| Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | |||||
| CVE-2002-0041 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump. | |||||
| CVE-2001-0164 | 1 Netscape | 1 Directory Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | |||||