Total
90219 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0704 | 1 Mozilla | 1 Bugzilla | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products. | |||||
| CVE-2003-1447 | 1 Ibm | 1 Websphere Application Server | 2023-12-10 | 1.9 LOW | N/A |
| IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. | |||||
| CVE-2002-2116 | 1 Netgear | 2 Rm356, Rt338 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap. | |||||
| CVE-2001-0010 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
| CVE-2000-0647 | 1 Texas Imperial Software | 1 Wftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server. | |||||
| CVE-2002-1063 | 1 T. Hauck | 1 Jana Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports. | |||||
| CVE-2002-0947 | 1 Oracle | 2 Application Server, Reports | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter. | |||||
| CVE-2004-1611 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2023-12-10 | 5.1 MEDIUM | N/A |
| SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle (MITM) attack, or (2) obtain the database password via a GetConnection request to TCP port 1707. | |||||
| CVE-2004-1759 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. | |||||
| CVE-1999-0389 | 1 Debian | 1 Debian Linux | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in the bootp server in the Debian Linux netstd package. | |||||
| CVE-2002-1686 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in lscfg of unknown versions of AIX has unknown impact. | |||||
| CVE-2001-1583 | 1 Sun | 1 Sunos | 2023-12-10 | 10.0 HIGH | N/A |
| lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. | |||||
| CVE-2001-0712 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc. | |||||
| CVE-2003-1360 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. | |||||
| CVE-2004-2047 | 1 Easyweb | 1 Easyweb Filemanager | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter. | |||||
| CVE-2003-0260 | 1 Cisco | 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets. | |||||
| CVE-2002-0510 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
| The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | |||||
| CVE-2000-1070 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2023-12-10 | 5.0 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information. | |||||
| CVE-2000-0162 | 1 Microsoft | 3 Ie, Internet Explorer, Visual Studio | 2023-12-10 | 5.1 MEDIUM | N/A |
| The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | |||||
| CVE-2004-2103 | 1 Novell | 1 Netware | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. | |||||