Total
250623 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0990 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2023-12-10 | 7.5 HIGH | N/A |
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username. | |||||
CVE-2001-0632 | 1 Sun | 1 Chilisoft | 2023-12-10 | 7.5 HIGH | N/A |
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. | |||||
CVE-2002-0054 | 1 Microsoft | 2 Exchange Server, Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. | |||||
CVE-2002-1340 | 1 Microsoft | 1 Office Web Components | 2023-12-10 | 5.0 MEDIUM | N/A |
The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception. | |||||
CVE-2000-1047 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | |||||
CVE-2002-0176 | 1 Avaya | 1 Libsafe | 2023-12-10 | 4.6 MEDIUM | N/A |
The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. | |||||
CVE-1999-0722 | 1 Sun | 1 Cobalt Raq 2 | 2023-12-10 | 10.0 HIGH | N/A |
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. | |||||
CVE-2004-1370 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT. | |||||
CVE-2000-0134 | 1 Adgrafix Corporation | 1 Check It Out | 2023-12-10 | 7.5 HIGH | N/A |
The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2001-1456 | 4 Mcafee, Network Associates, Pgp and 1 more | 5 Webshield Smtp, Gauntlet Firewall, Mcafee E-ppliance and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | |||||
CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | |||||
CVE-2003-0404 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. | |||||
CVE-2000-0295 | 1 Lcdproc | 1 Lcdproc | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command. | |||||
CVE-2000-0344 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value. | |||||
CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
A system does not present an appropriate legal message or warning to a user who is accessing it. | |||||
CVE-2001-0528 | 1 Oracle | 1 E-business Suite | 2023-12-10 | 7.2 HIGH | N/A |
Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs the APPS schema password in cleartext in a debug file, which allows local users to obtain the password and gain privileges. | |||||
CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2023-12-10 | 6.2 MEDIUM | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
CVE-1999-0488 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. | |||||
CVE-2004-1453 | 1 Gnu | 1 Glibc | 2023-12-10 | 2.1 LOW | N/A |
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | |||||
CVE-1999-1279 | 1 Microsoft | 1 Sna Server | 2023-12-10 | 5.0 MEDIUM | N/A |
An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU. |