Vulnerabilities (CVE)

Total 259726 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1360 1 Microsoft 1 Windows Nt 2024-02-04 2.1 LOW N/A
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
CVE-2000-0653 1 Microsoft 1 Outlook Express 2024-02-04 5.0 MEDIUM N/A
Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.
CVE-2000-1092 1 Alex Heiphetz Group 1 Ezshopper 2024-02-04 5.0 MEDIUM N/A
loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter.
CVE-1999-0346 1 Php 1 Php Fi 2024-02-04 5.0 MEDIUM N/A
CGI PHP mlog script allows an attacker to read any file on the target server.
CVE-2002-1194 1 Netbsd 1 Netbsd 2024-02-04 7.5 HIGH N/A
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
CVE-1999-1339 2 Freebsd, Linux 2 Freebsd, Linux Kernel 2024-02-04 5.0 MEDIUM N/A
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
CVE-2003-1538 1 Suse 3 Office Server, Suse Linux, Suse Linux Openexchange Server 2024-02-04 6.4 MEDIUM N/A
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
CVE-2001-1356 1 Netwin 1 Surgeftp 2024-02-04 10.0 HIGH N/A
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.
CVE-2004-1692 1 Mambo 1 Mambo Open Source 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters.
CVE-2002-0088 1 Sun 2 Solaris, Sunos 2024-02-04 7.2 HIGH N/A
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
CVE-2002-0511 1 Nscd 1 Nscd 2024-02-04 7.5 HIGH N/A
The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host names.
CVE-2002-0341 1 Novell 1 Groupwise 2024-02-04 5.0 MEDIUM N/A
GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.
CVE-2000-0217 2 Openbsd, Ssh 3 Openssh, Ssh, Ssh2 2024-02-04 5.1 MEDIUM N/A
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-2004-0105 3 Metamail Corporation, Redhat, Sgi 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more 2024-02-04 7.5 HIGH N/A
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVE-2001-1353 1 Aladdin Enterprises 1 Ghostscript 2024-02-04 2.6 LOW N/A
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
CVE-2002-0574 1 Freebsd 1 Freebsd 2024-02-04 5.0 MEDIUM N/A
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.
CVE-2003-0451 1 Xblockout 1 Xbl 2024-02-04 4.6 MEDIUM N/A
Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.
CVE-2003-0032 1 Mcrypt 1 Libmcrypt 2024-02-04 5.0 MEDIUM N/A
Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.
CVE-2004-1357 1 Sun 1 Solaris 2024-02-04 5.0 MEDIUM N/A
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
CVE-2002-0366 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2024-02-04 7.2 HIGH N/A
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.