Total
90913 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0083 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. | |||||
CVE-2001-0990 | 1 Inter7 | 1 Vpopmail | 2023-12-10 | 4.6 MEDIUM | N/A |
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library. | |||||
CVE-2001-1564 | 1 Hp | 1 Hp-ux | 2023-12-10 | 2.1 LOW | N/A |
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. | |||||
CVE-1999-1132 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. | |||||
CVE-2000-0379 | 1 Netopia | 1 R-series Routers | 2023-12-10 | 3.6 LOW | N/A |
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | |||||
CVE-2001-0371 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 6.2 MEDIUM | N/A |
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. | |||||
CVE-2004-2169 | 1 A-a-s Application Access Server | 1 A-a-s Application Access Server | 2023-12-10 | 2.1 LOW | N/A |
Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request. | |||||
CVE-2004-1712 | 1 Typepad | 1 Typepad | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter. | |||||
CVE-1999-0486 | 1 Aol | 1 Instant Messenger | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash. | |||||
CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2023-12-10 | 7.2 HIGH | N/A |
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
CVE-2003-0842 | 1 Dag Apt Repository | 1 Mod Gzip | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header. | |||||
CVE-2004-0343 | 1 Yabb | 1 Yabb | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php. | |||||
CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 7.8 HIGH | N/A |
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | |||||
CVE-1999-0073 | 2 Digital, Sgi | 3 Osf 1, Unix, Irix | 2023-12-10 | 10.0 HIGH | N/A |
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. | |||||
CVE-1999-0459 | 2023-12-10 | 4.6 MEDIUM | N/A | ||
Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot. | |||||
CVE-1999-1589 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
CVE-2002-1746 | 1 Maxim Krasnyansky | 1 Vtun | 2023-12-10 | 5.0 MEDIUM | N/A |
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets. | |||||
CVE-2000-0146 | 1 Novell | 1 Groupwise | 2023-12-10 | 5.0 MEDIUM | N/A |
The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet. | |||||
CVE-2000-0368 | 1 Cisco | 1 Ios | 2023-12-10 | 2.1 LOW | N/A |
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. | |||||
CVE-2003-0611 | 1 Xtokkaetama | 1 Xtokkaetama | 2023-12-10 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. |