Total
254029 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0532 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. | |||||
CVE-2002-2112 | 1 Rca | 1 Digital Cable Modem | 2024-02-04 | 5.0 MEDIUM | N/A |
RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB information. | |||||
CVE-1999-1043 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | |||||
CVE-1999-1270 | 1 Kde | 1 Kde | 2024-02-04 | 4.6 MEDIUM | N/A |
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. | |||||
CVE-2002-0527 | 1 Watchguard | 1 Soho Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
Watchguard SOHO firewall before 5.0.35 allows remote attackers to cause a denial of service (crash and reboot) when SOHO forwards a packet with bad IP options. | |||||
CVE-2004-0667 | 2 Gentoo, Rsbac | 2 Linux, Rsbac | 2024-02-04 | 7.2 HIGH | N/A |
Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | |||||
CVE-2003-1237 | 1 Matt Wright | 1 Wwwboard | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | |||||
CVE-2002-1699 | 1 Pascal Michaud | 1 Asp Client Check | 2024-02-04 | 10.0 HIGH | N/A |
SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field. | |||||
CVE-1999-0823 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument. | |||||
CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2024-02-04 | 7.5 HIGH | N/A |
The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | |||||
CVE-2001-0773 | 1 Cayman | 1 3220-h Dsl Router | 2024-02-04 | 5.0 MEDIUM | N/A |
Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests. | |||||
CVE-2004-0430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | |||||
CVE-2000-0544 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. | |||||
CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Delete or create a file via rpc.statd, due to invalid information. | |||||
CVE-2000-0133 | 1 H. Nomura | 1 Tiny Ftpdaemon | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands. | |||||
CVE-2001-1338 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system. | |||||
CVE-2004-1799 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 7.5 HIGH | N/A |
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces. | |||||
CVE-2001-0954 | 1 Lotus | 1 Domino | 2024-02-04 | 5.0 MEDIUM | N/A |
Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory. | |||||
CVE-2004-1607 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2024-02-04 | 5.0 MEDIUM | N/A |
slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an invalid file parameter, which reveals the path in an error message. | |||||
CVE-2002-1507 | 1 Epic Games | 1 Unreal Tournament Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777. |