Total
260505 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0212 | 2 Avaya, Microsoft | 8 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share. | |||||
CVE-2000-0741 | 1 Network Associates | 1 Net Tools Pki Server | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension. | |||||
CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2024-02-04 | 7.5 HIGH | N/A |
Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
CVE-2003-1128 | 1 X2 Studios | 1 Xmms Remote | 2024-02-04 | 7.5 HIGH | N/A |
XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | |||||
CVE-2004-0483 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests. | |||||
CVE-2003-1381 | 1 Amxmod.net | 1 Amx Mod | 2024-02-04 | 6.8 MEDIUM | N/A |
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command. | |||||
CVE-2001-1378 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 2.1 LOW | N/A |
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | |||||
CVE-2004-1472 | 1 Symantec | 10 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 7 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface. | |||||
CVE-2003-0750 | 1 Py-membres | 1 Py-membres | 2024-02-04 | 7.5 HIGH | N/A |
secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter. | |||||
CVE-2000-0785 | 1 Wircsrv | 1 Irc Server | 2024-02-04 | 5.0 MEDIUM | N/A |
WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file. | |||||
CVE-2000-1185 | 1 Itserv Incorporated | 1 Ridewaypn | 2024-02-04 | 5.0 MEDIUM | N/A |
The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via a flood of connections that contain malformed requests. | |||||
CVE-2004-0563 | 1 Freenet6 | 1 Freenet6 | 2024-02-04 | 2.1 LOW | N/A |
The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password. | |||||
CVE-2001-0553 | 1 Ssh | 1 Secure Shell | 2024-02-04 | 7.2 HIGH | N/A |
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field. | |||||
CVE-1999-1090 | 1 Ncsa | 1 Telnet | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files. | |||||
CVE-2004-0273 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2024-02-04 | 9.3 HIGH | N/A |
Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. | |||||
CVE-2000-1077 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. | |||||
CVE-2000-0770 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 6.4 MEDIUM | N/A |
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. | |||||
CVE-2003-0842 | 1 Dag Apt Repository | 1 Mod Gzip | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header. | |||||
CVE-2001-1416 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 5.1 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags. | |||||
CVE-2004-0414 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. |