Total
259735 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1354 | 1 Gamespy3d | 1 Gamespy 3d | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942. | |||||
| CVE-1999-1545 | 1 Joes Own Editor | 1 Joe | 2024-02-04 | 2.1 LOW | N/A |
| Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users. | |||||
| CVE-2000-0522 | 1 Rsa | 1 Ace Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| RSA ACE/Server allows remote attackers to cause a denial of service by flooding the server's authentication request port with UDP packets, which causes the server to crash. | |||||
| CVE-1999-0946 | 1 Yamaha | 1 Midiplug | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag. | |||||
| CVE-2002-1045 | 1 Ultrafunk | 1 Popcorn | 2024-02-04 | 5.0 MEDIUM | N/A |
| Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037. | |||||
| CVE-2002-2160 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1798. Reason: This candidate is a duplicate of CVE-2002-1798. Notes: All CVE users should reference CVE-2002-1798 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2003-0878 | 1 Apple | 1 Mac Os X | 2024-02-04 | 2.1 LOW | N/A |
| slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875. | |||||
| CVE-2003-0982 | 1 Cisco | 9 Application And Content Networking Software, Content Distribution Manager 4630, Content Distribution Manager 4650 and 6 more | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password. | |||||
| CVE-1999-1023 | 1 Sun | 1 Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
| useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. | |||||
| CVE-2000-0673 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | |||||
| CVE-2000-1152 | 1 Be | 1 Beos | 2024-02-04 | 5.0 MEDIUM | N/A |
| Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2001-1469 | 1 Ssh | 1 Ssh | 2024-02-04 | 5.0 MEDIUM | N/A |
| The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified. | |||||
| CVE-1999-0589 | 2024-02-04 | 10.0 HIGH | N/A | ||
| A system-critical Windows NT registry key has inappropriate permissions. | |||||
| CVE-2000-1000 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
| Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters. | |||||
| CVE-2002-1895 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
| The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN. | |||||
| CVE-1999-1584 | 1 Sun | 2 Openwindows, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586. | |||||
| CVE-2004-0240 | 1 Qualiteam | 1 X-cart | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php. | |||||
| CVE-2001-1336 | 1 Aclogic | 1 Cesarftp | 2024-02-04 | 7.5 HIGH | N/A |
| CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges. | |||||
| CVE-2001-0800 | 1 Sgi | 1 Irix | 2024-02-04 | 10.0 HIGH | N/A |
| lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2002-0892 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2024-02-04 | 5.0 MEDIUM | N/A |
| The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message. | |||||