Total
260444 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0650 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
The netstat service is running, which provides sensitive information to remote attackers. | |||||
CVE-2004-2204 | 1 Macromedia | 1 Coldfusion | 2024-02-04 | 7.2 HIGH | N/A |
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT. | |||||
CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2024-02-04 | 6.2 MEDIUM | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
CVE-2001-1081 | 2 Lucent, Simon Horms | 2 Radius, Radius | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. | |||||
CVE-2002-1166 | 1 John Franks | 1 Wn Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arbitrary code via a long GET request. | |||||
CVE-2004-0049 | 1 Realnetworks | 2 Helix Universal Mobile Server, Helix Universal Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | |||||
CVE-2003-0361 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | |||||
CVE-1999-0878 | 2 Beroftpd, Washington University | 2 Beroftpd, Wu-ftpd | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR. | |||||
CVE-2002-1685 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI. | |||||
CVE-2004-0006 | 2 Rob Flynn, Ultramagnetic | 2 Gaim, Ultramagnetic | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. | |||||
CVE-2001-0668 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands. | |||||
CVE-1999-1036 | 1 Cops | 1 Cops | 2024-02-04 | 7.2 HIGH | N/A |
COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in (1) res_diff, (2) ca.src, and (3) mail.chk. | |||||
CVE-2001-1258 | 1 Horde | 1 Imp | 2024-02-04 | 3.6 LOW | N/A |
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server. | |||||
CVE-1999-0654 | 2024-02-04 | 10.0 HIGH | N/A | ||
The OS/2 or POSIX subsystem in NT is enabled. | |||||
CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2024-02-04 | 4.6 MEDIUM | N/A |
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | |||||
CVE-2002-0357 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges. | |||||
CVE-2003-0836 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command. | |||||
CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2024-02-04 | 5.0 MEDIUM | N/A |
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | |||||
CVE-2001-0122 | 1 Ibm | 2 Http Server, Websphere Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error. | |||||
CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 7.8 HIGH | N/A |
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. |