Total
258985 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0632 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-02-04 | 7.5 HIGH | N/A |
| Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow. | |||||
| CVE-2003-1269 | 1 An | 1 An-http | 2024-02-04 | 5.0 MEDIUM | N/A |
| AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message. | |||||
| CVE-2001-0359 | 2 Sierra, Valve Software | 2 Half-life, Half-life Dedicated Server | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command. | |||||
| CVE-1999-0065 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. | |||||
| CVE-2002-2208 | 2 Cisco, Extended Interior Gateway Routing Protocol | 2 Ios, Extended Interior Gateway Routing Protocol | 2024-02-04 | 7.8 HIGH | N/A |
| Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. | |||||
| CVE-1999-0910 | 1 Microsoft | 3 Commercial Internet System, Site Server, Site Server Commerce | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | |||||
| CVE-2004-0673 | 1 Simm-comm | 1 Sci Photo Chat | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message. | |||||
| CVE-2002-1245 | 1 Frank Mcingvale | 1 Luxman | 2024-02-04 | 7.2 HIGH | N/A |
| Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program. | |||||
| CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2024-02-04 | 4.6 MEDIUM | N/A |
| NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | |||||
| CVE-2000-1045 | 1 Padl Software | 1 Nss Ldap | 2024-02-04 | 1.2 LOW | N/A |
| nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests. | |||||
| CVE-2003-1014 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. | |||||
| CVE-1999-1089 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. | |||||
| CVE-2003-0602 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. | |||||
| CVE-2002-1868 | 1 Daniel Stenberg | 1 Dispair | 2024-02-04 | 10.0 HIGH | N/A |
| Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. | |||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2024-02-04 | 5.0 MEDIUM | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
| CVE-2004-1780 | 1 Info Touch | 1 Surfnet | 2024-02-04 | 4.6 MEDIUM | N/A |
| Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authentication attempts. | |||||
| CVE-2002-1079 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request. | |||||
| CVE-2001-1122 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
| Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | |||||
| CVE-2004-1595 | 1 Shixxnote | 1 Shixxnote | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field. | |||||
| CVE-2001-0413 | 1 Bintec | 3 X1000, X1200, X4000 | 2024-02-04 | 5.0 MEDIUM | N/A |
| BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang. | |||||