Vulnerabilities (CVE)

Total 260505 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0212 2 Avaya, Microsoft 8 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 5 more 2024-02-04 10.0 HIGH N/A
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.
CVE-2000-0741 1 Network Associates 1 Net Tools Pki Server 2024-02-04 7.5 HIGH N/A
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.
CVE-2000-1020 1 Alt-n 1 Mdaemon 2024-02-04 7.5 HIGH N/A
Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL.
CVE-2003-1128 1 X2 Studios 1 Xmms Remote 2024-02-04 7.5 HIGH N/A
XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086.
CVE-2004-0483 1 Sgi 1 Irix 2024-02-04 5.0 MEDIUM N/A
Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.
CVE-2003-1381 1 Amxmod.net 1 Amx Mod 2024-02-04 6.8 MEDIUM N/A
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command.
CVE-2001-1378 1 Fetchmail 1 Fetchmail 2024-02-04 2.1 LOW N/A
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
CVE-2004-1472 1 Symantec 10 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 7 more 2024-02-04 5.0 MEDIUM N/A
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
CVE-2003-0750 1 Py-membres 1 Py-membres 2024-02-04 7.5 HIGH N/A
secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.
CVE-2000-0785 1 Wircsrv 1 Irc Server 2024-02-04 5.0 MEDIUM N/A
WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file.
CVE-2000-1185 1 Itserv Incorporated 1 Ridewaypn 2024-02-04 5.0 MEDIUM N/A
The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via a flood of connections that contain malformed requests.
CVE-2004-0563 1 Freenet6 1 Freenet6 2024-02-04 2.1 LOW N/A
The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password.
CVE-2001-0553 1 Ssh 1 Secure Shell 2024-02-04 7.2 HIGH N/A
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.
CVE-1999-1090 1 Ncsa 1 Telnet 2024-02-04 7.5 HIGH N/A
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
CVE-2004-0273 1 Realnetworks 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player 2024-02-04 9.3 HIGH N/A
Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file.
CVE-2000-1077 1 Iplanet 1 Iplanet Web Server 2024-02-04 10.0 HIGH N/A
Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension.
CVE-2000-0770 1 Microsoft 2 Internet Information Server, Internet Information Services 2024-02-04 6.4 MEDIUM N/A
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
CVE-2003-0842 1 Dag Apt Repository 1 Mod Gzip 2024-02-04 7.5 HIGH N/A
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.
CVE-2001-1416 1 Aol 1 Instant Messenger 2024-02-04 5.1 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags.
CVE-2004-0414 5 Cvs, Gentoo, Openbsd and 2 more 5 Cvs, Linux, Openbsd and 2 more 2024-02-04 10.0 HIGH N/A
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.