Total
254031 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0963 | 1 Alexander V. Lukyanov | 1 Lftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands. | |||||
CVE-1999-0896 | 1 Realnetworks | 1 Realserver G2 | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. | |||||
CVE-2001-0603 | 1 Lotus | 1 Domino R5 Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148. | |||||
CVE-2000-0034 | 1 Netscape | 1 Communicator | 2024-02-04 | 5.0 MEDIUM | N/A |
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | |||||
CVE-2003-0301 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 5.0 MEDIUM | N/A |
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||||
CVE-2004-0349 | 1 Gweb | 1 Gweb Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in GWeb HTTP Server 0.6 allows remote attackers to view arbitrary files via a .. (dot dot) in the URL. | |||||
CVE-2004-1954 | 1 Phprofession | 1 Phprofession | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter. | |||||
CVE-2003-0073 | 1 Oracle | 1 Mysql | 2024-02-04 | 5.0 MEDIUM | N/A |
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. | |||||
CVE-2003-0882 | 1 Apple | 1 Mac Os X | 2024-02-04 | 5.0 MEDIUM | N/A |
Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet. | |||||
CVE-2000-0684 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 10.0 HIGH | N/A |
BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file. | |||||
CVE-2004-0044 | 1 Cisco | 1 Personal Assistant | 2024-02-04 | 7.5 HIGH | N/A |
Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows remote attackers to gain access with a valid username. | |||||
CVE-2000-1181 | 1 Realnetworks | 1 Realserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. | |||||
CVE-2000-0680 | 1 Cvs | 1 Cvs | 2024-02-04 | 7.2 HIGH | N/A |
The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action. | |||||
CVE-2003-0297 | 1 University Of Washington | 3 C-client, Imap-2002b, Pine | 2024-02-04 | 7.5 HIGH | N/A |
c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors. | |||||
CVE-2000-0235 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges. | |||||
CVE-1999-0390 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Dosemu Slang library in Linux. | |||||
CVE-2001-0177 | 1 Webmaster | 1 Conferenceroom | 2024-02-04 | 5.0 MEDIUM | N/A |
WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a denial of service via a buddy relationship between the IRC server and a server clone. | |||||
CVE-2000-1210 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp. | |||||
CVE-2001-0703 | 1 Arcadia | 1 Arcadia Internet Store | 2024-02-04 | 5.0 MEDIUM | N/A |
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter. | |||||
CVE-2001-0982 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings. |