Total
254012 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1058 | 1 Wolfram Research | 1 Mathematica | 2024-02-04 | 7.5 HIGH | N/A |
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license. | |||||
CVE-2004-1391 | 1 Qnx | 2 Rtos, Rtp | 2024-02-04 | 4.6 MEDIUM | N/A |
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program. | |||||
CVE-2001-0501 | 1 Microsoft | 1 Word | 2024-02-04 | 4.6 MEDIUM | N/A |
Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner. | |||||
CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2024-02-04 | 10.0 HIGH | N/A |
Arbitrary command execution via IMAP buffer overflow in authenticate command. | |||||
CVE-2002-1244 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command. | |||||
CVE-1999-1188 | 1 Oracle | 1 Mysql | 2024-02-04 | 4.6 MEDIUM | N/A |
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | |||||
CVE-2000-1201 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 5.0 MEDIUM | N/A |
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | |||||
CVE-2000-0964 | 1 Siemens | 1 Hinet Lp | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
CVE-2002-1927 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2024-02-04 | 2.1 LOW | N/A |
Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file. | |||||
CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2024-02-04 | 10.0 HIGH | N/A |
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | |||||
CVE-2003-1522 | 1 Pscs | 1 Vpop3 Web Mail Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page. | |||||
CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2024-02-04 | 7.5 HIGH | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||||
CVE-2001-0486 | 1 Novell | 1 Bordermanager | 2024-02-04 | 5.0 MEDIUM | N/A |
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | |||||
CVE-2004-1983 | 2 Gentoo, The Pax Team | 2 Linux, Pax Linux | 2024-02-04 | 2.1 LOW | N/A |
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
CVE-2000-0889 | 2024-02-04 | 5.1 MEDIUM | N/A | ||
Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. | |||||
CVE-2003-0487 | 1 Kerio | 1 Kerio Mailserver | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. | |||||
CVE-2002-2358 | 1 Opera Software | 1 Opera Web Browser | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. | |||||
CVE-2002-0078 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | |||||
CVE-2000-0840 | 1 Davide Libenzi | 1 Xmail | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. | |||||
CVE-2000-1138 | 1 Ibm | 1 Lotus Notes | 2024-02-04 | 7.5 HIGH | N/A |
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. |