Total
254077 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2183 | 1 Wehelpbus | 1 Wehelpbus | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | |||||
CVE-1999-0445 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||||
CVE-2004-2147 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. | |||||
CVE-2003-1182 | 1 Mpm | 1 Mpm Guestbook | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | |||||
CVE-1999-0882 | 1 Falcon | 1 Falcon Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Falcon web server allows remote attackers to determine the absolute path of the web root via long file names. | |||||
CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | |||||
CVE-2004-1949 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module. | |||||
CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | |||||
CVE-2002-0831 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. | |||||
CVE-1999-1355 | 1 Compaq | 2 Insight Management Agent, Management Agents For Servers | 2024-02-04 | 7.5 HIGH | N/A |
BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges. | |||||
CVE-2002-1811 | 1 Belkin | 1 F5d6130 Wnap | 2024-02-04 | 5.0 MEDIUM | N/A |
Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests. | |||||
CVE-2001-1216 | 1 Oracle | 1 Application Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page. | |||||
CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | |||||
CVE-1999-1462 | 1 Bb4 | 1 Big Brother | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files. | |||||
CVE-1999-0554 | 2024-02-04 | 10.0 HIGH | N/A | ||
NFS exports system-critical data to the world, e.g. / or a password file. | |||||
CVE-2004-2048 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | |||||
CVE-2000-0210 | 1 Sun | 1 Workshop | 2024-02-04 | 1.2 LOW | N/A |
The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. | |||||
CVE-2003-0975 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2024-02-04 | 5.0 MEDIUM | N/A |
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
CVE-1999-0428 | 1 Openssl | 1 Openssl | 2024-02-04 | 7.5 HIGH | N/A |
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls. | |||||
CVE-2000-0984 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. |