Total
254010 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0226 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | |||||
CVE-2004-0158 | 1 Lgames | 1 Lbreakout2 | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. | |||||
CVE-1999-0756 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 5.0 MEDIUM | N/A |
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. | |||||
CVE-2003-0690 | 1 Kde | 1 Kde | 2024-02-04 | 10.0 HIGH | N/A |
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | |||||
CVE-2000-0287 | 1 Cnc | 1 Technology Bizdb | 2024-02-04 | 10.0 HIGH | N/A |
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter. | |||||
CVE-2002-0551 | 1 Gcf | 1 Dynamic Guestbook | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar. | |||||
CVE-2004-1623 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 5.0 MEDIUM | N/A |
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF. | |||||
CVE-2004-1594 | 1 E-zone Media Inc. | 1 Fusetalk | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag. | |||||
CVE-2004-1774 | 1 Oracle | 2 Application Server, Oracle10g | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter. | |||||
CVE-1999-1591 | 1 Microsoft | 2 Internet Information Server, Visual Interdev | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | |||||
CVE-1999-0706 | 2 Isc, Redhat | 2 Inn, Linux | 2024-02-04 | 7.5 HIGH | N/A |
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. | |||||
CVE-1999-0257 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
Nestea variation of teardrop IP fragmentation denial of service. | |||||
CVE-2000-0830 | 1 Microsoft | 1 Webtv | 2024-02-04 | 5.0 MEDIUM | N/A |
annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705. | |||||
CVE-2002-1549 | 1 Light Httpd | 1 Light Httpd | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2003-1363 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 6.4 MEDIUM | N/A |
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. | |||||
CVE-2002-0112 | 1 Etype | 1 Eserv | 2024-02-04 | 5.0 MEDIUM | N/A |
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL. | |||||
CVE-2004-0690 | 1 Kde | 1 Kde | 2024-02-04 | 4.6 MEDIUM | N/A |
The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. | |||||
CVE-2001-1383 | 1 Redhat | 1 Linux | 2024-02-04 | 6.2 MEDIUM | N/A |
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | |||||
CVE-2000-0405 | 1 Atstake | 1 Antisniff | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. | |||||
CVE-1999-0064 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in AIX lquerylv program gives root access to local users. |