Total
248594 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1521 | 1 Computalynx | 1 Cmail | 2023-12-10 | 10.0 HIGH | N/A |
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server. | |||||
CVE-2000-0659 | 1 Analogx | 1 Proxy | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. | |||||
CVE-2000-0346 | 1 Apple | 1 Appleshare | 2023-12-10 | 5.0 MEDIUM | N/A |
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | |||||
CVE-1999-0788 | 1 Knox Software | 1 Arkeia | 2023-12-10 | 5.0 MEDIUM | N/A |
Arkiea nlservd allows remote attackers to conduct a denial of service. | |||||
CVE-2002-0508 | 1 Wwwisis | 1 Wwwisis | 2023-12-10 | 10.0 HIGH | N/A |
wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog. | |||||
CVE-2004-0637 | 1 Oracle | 2 Oracle8i, Oracle9i | 2023-12-10 | 6.5 MEDIUM | N/A |
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible. | |||||
CVE-2001-0420 | 1 Way To The Web | 1 Talkback | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter. | |||||
CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | |||||
CVE-2001-1523 | 1 Dmozgateway | 1 Dmozgateway | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the topic parameter. | |||||
CVE-1999-0516 | 2023-12-10 | 7.5 HIGH | N/A | ||
An SNMP community name is guessable. | |||||
CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | |||||
CVE-2003-1047 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0540. Reason: This candidate is a duplicate of CVE-2004-0540. Notes: All CVE users should reference CVE-2004-0540 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2000-0307 | 1 Sco | 3 Open Desktop, Openserver, Unixware | 2023-12-10 | 5.0 MEDIUM | N/A |
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||||
CVE-2002-2319 | 1 Mysimplenews | 1 Mysimplenews | 2023-12-10 | 7.5 HIGH | N/A |
Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3. | |||||
CVE-2002-0562 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa. | |||||
CVE-2003-1232 | 1 Gnu | 1 Emacs | 2023-12-10 | 5.1 MEDIUM | N/A |
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | |||||
CVE-2002-0398 | 1 Red-m | 1 1050ap Lan Acess Point | 2023-12-10 | 10.0 HIGH | N/A |
Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name. | |||||
CVE-2003-0102 | 2 File, Netbsd | 2 File, Netbsd | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | |||||
CVE-2001-0711 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | |||||
CVE-2003-0010 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. |