Vulnerabilities (CVE)

Total 260444 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0650 2024-02-04 5.0 MEDIUM N/A
The netstat service is running, which provides sensitive information to remote attackers.
CVE-2004-2204 1 Macromedia 1 Coldfusion 2024-02-04 7.2 HIGH N/A
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
CVE-1999-1424 1 Sun 1 Solstice Adminsuite 2024-02-04 6.2 MEDIUM N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.
CVE-2001-1081 2 Lucent, Simon Horms 2 Radius, Radius 2024-02-04 7.5 HIGH N/A
Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.
CVE-2002-1166 1 John Franks 1 Wn Server 2024-02-04 7.5 HIGH N/A
Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2004-0049 1 Realnetworks 2 Helix Universal Mobile Server, Helix Universal Server 2024-02-04 6.8 MEDIUM N/A
Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port.
CVE-2003-0361 1 Debian 1 Debian Linux 2024-02-04 7.5 HIGH N/A
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
CVE-1999-0878 2 Beroftpd, Washington University 2 Beroftpd, Wu-ftpd 2024-02-04 10.0 HIGH N/A
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
CVE-2002-1685 1 Working Resources Inc. 1 Badblue 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
CVE-2004-0006 2 Rob Flynn, Ultramagnetic 2 Gaim, Ultramagnetic 2024-02-04 7.5 HIGH N/A
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect.
CVE-2001-0668 1 Hp 1 Hp-ux 2024-02-04 7.5 HIGH N/A
Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.
CVE-1999-1036 1 Cops 1 Cops 2024-02-04 7.2 HIGH N/A
COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in (1) res_diff, (2) ca.src, and (3) mail.chk.
CVE-2001-1258 1 Horde 1 Imp 2024-02-04 3.6 LOW N/A
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
CVE-1999-0654 2024-02-04 10.0 HIGH N/A
The OS/2 or POSIX subsystem in NT is enabled.
CVE-2003-1156 1 Sun 2 Jdk, Jre 2024-02-04 4.6 MEDIUM N/A
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.
CVE-2002-0357 1 Sgi 1 Irix 2024-02-04 7.2 HIGH N/A
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
CVE-2003-0836 1 Ibm 1 Db2 Universal Database 2024-02-04 7.5 HIGH N/A
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.
CVE-2002-1881 1 Macromedia 1 Flash Player 2024-02-04 5.0 MEDIUM N/A
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.
CVE-2001-0122 1 Ibm 2 Http Server, Websphere Application Server 2024-02-04 5.0 MEDIUM N/A
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error.
CVE-1999-0449 1 Microsoft 1 Internet Information Server 2024-02-04 7.8 HIGH N/A
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.