Total
91375 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0322 | 1 Yahoo | 1 Messenger | 2023-12-10 | 7.5 HIGH | N/A |
| Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. | |||||
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | |||||
| CVE-2002-0605 | 1 Macromedia | 1 Flash Player | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long movie parameter. | |||||
| CVE-2002-1306 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. | |||||
| CVE-2001-0180 | 1 Lars Ellingsen | 1 Guestserver | 2023-12-10 | 10.0 HIGH | N/A |
| Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter. | |||||
| CVE-2000-0653 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability. | |||||
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | |||||
| CVE-2001-1183 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
| PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | |||||
| CVE-1999-1339 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
| Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. | |||||
| CVE-2000-0389 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0221 | 1 Freebsd | 1 Ja-xklock | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. | |||||
| CVE-2003-0904 | 1 Microsoft | 3 Exchange Server, Sharepoint Services, Windows Server 2003 | 2023-12-10 | 6.0 MEDIUM | N/A |
| Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. | |||||
| CVE-2003-1471 | 1 Alt-n | 1 Mdaemon | 2023-12-10 | 6.3 MEDIUM | N/A |
| MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | |||||
| CVE-2001-0516 | 1 Oracle | 2 Oracle8i, Oracle9i | 2023-12-10 | 5.0 MEDIUM | N/A |
| Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data. | |||||
| CVE-2004-1834 | 1 Apache | 1 Http Server | 2023-12-10 | 2.1 LOW | N/A |
| mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information. | |||||
| CVE-2002-1538 | 1 Acuma | 1 Acusend | 2023-12-10 | 5.0 MEDIUM | N/A |
| Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable. | |||||
| CVE-2001-0488 | 1 Hp | 1 Hp-ux | 2023-12-10 | 2.1 LOW | N/A |
| pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service. | |||||
| CVE-2000-0402 | 1 Microsoft | 1 Sql Server | 2023-12-10 | 2.1 LOW | N/A |
| The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | |||||
| CVE-2002-2308 | 1 Netscape | 1 Communicator | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | |||||
| CVE-2004-0093 | 1 Xfree86 Project | 1 X11r6 | 2023-12-10 | 7.5 HIGH | N/A |
| XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||||