Total
258806 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2024-02-04 | 4.6 MEDIUM | N/A |
| Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | |||||
| CVE-2002-1234 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0180. Reason: This candidate is a an out-of-band assignment duplicate of CVE-2002-0180. Notes: All CVE users should reference CVE-2002-0180 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2003-1026 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability." | |||||
| CVE-2002-1627 | 1 Mike Spice | 1 Quiz Me | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the quiz parameter. | |||||
| CVE-2001-0944 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-04 | 7.2 HIGH | N/A |
| DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process. | |||||
| CVE-2004-0043 | 1 Yahoo | 1 Messenger | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. | |||||
| CVE-1999-0601 | 2024-02-04 | 10.0 HIGH | N/A | ||
| A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets. | |||||
| CVE-1999-0641 | 2024-02-04 | N/A | N/A | ||
| The UUCP service is running. | |||||
| CVE-2003-0488 | 1 Kerio | 1 Kerio Mailserver | 2024-02-04 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. | |||||
| CVE-1999-0739 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-2003-0039 | 1 Isc | 1 Dhcpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. | |||||
| CVE-2000-0637 | 1 Microsoft | 1 Excel | 2024-02-04 | 4.6 MEDIUM | N/A |
| Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability. | |||||
| CVE-2001-0093 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||||
| CVE-2001-1432 | 1 Cherokee | 1 Cherokee Httpd | 2024-02-04 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2003-0550 | 1 Redhat | 1 Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. | |||||
| CVE-2000-0501 | 1 Alt-n | 1 Mdaemon | 2024-02-04 | 2.6 LOW | N/A |
| Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server. | |||||
| CVE-2003-1120 | 1 Ssh | 1 Tectia Server | 2024-02-04 | 3.7 LOW | N/A |
| Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key. | |||||
| CVE-2002-1272 | 1 Alcatel | 1 Aos | 2024-02-04 | 10.0 HIGH | N/A |
| Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. | |||||
| CVE-2004-2083 | 1 Opera | 1 Opera Browser | 2024-02-04 | 2.6 LOW | N/A |
| Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing." | |||||
| CVE-2003-1056 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||||