Total
259192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0938 | 1 Samba | 1 Samba | 2024-02-04 | 5.0 MEDIUM | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | |||||
| CVE-2004-0418 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
| serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | |||||
| CVE-2002-0423 | 1 Efingerd | 1 Efingerd | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup. | |||||
| CVE-1999-1051 | 1 Matt Wright | 1 Formhandler.cgi | 2024-02-04 | 5.0 MEDIUM | N/A |
| Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter. | |||||
| CVE-2003-1293 | 1 Nukedweb | 1 Guestbookhost | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. | |||||
| CVE-2003-0670 | 1 Sustainable Softworks | 2 Ipnetmonitorx, Ipnetsentryx | 2024-02-04 | 2.1 LOW | N/A |
| Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow. | |||||
| CVE-1999-0012 | 2 Microsoft, Netscape | 5 Frontpage, Internet Information Server, Personal Web Server and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | |||||
| CVE-2000-0140 | 1 True North | 1 Internet Anywhere Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections. | |||||
| CVE-1999-0716 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. | |||||
| CVE-2001-0769 | 1 Steve Poulsen | 1 Guildftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character. | |||||
| CVE-2002-0362 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711. | |||||
| CVE-2001-1359 | 1 Caldera | 1 Volution | 2024-02-04 | 10.0 HIGH | N/A |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. | |||||
| CVE-2000-0160 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2024-02-04 | 7.6 HIGH | N/A |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. | |||||
| CVE-2002-1560 | 1 Martin Bauer | 1 Gbook | 2024-02-04 | 10.0 HIGH | N/A |
| index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true. | |||||
| CVE-2003-1174 | 1 Nullsoft | 1 Shoutcast Server | 2024-02-04 | 2.1 LOW | N/A |
| Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | |||||
| CVE-2002-0667 | 1 Pingtel | 1 Xpressa | 2024-02-04 | 10.0 HIGH | N/A |
| Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone. | |||||
| CVE-2002-0906 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server. | |||||
| CVE-2002-2128 | 1 W-agora | 1 W-agora | 2024-02-04 | 4.6 MEDIUM | N/A |
| editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter. | |||||
| CVE-2003-0012 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 2.1 LOW | N/A |
| The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. | |||||
| CVE-1999-1120 | 1 Sgi | 1 Irix | 2024-02-04 | 4.6 MEDIUM | N/A |
| netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. | |||||