Total
91551 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0915 | 1 Pacific Software | 1 Url Live | 2023-12-10 | 5.0 MEDIUM | N/A |
URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2000-0017 | 1 Redhat | 1 Linux | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | |||||
CVE-2004-0842 | 2 Avaya, Microsoft | 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | |||||
CVE-2004-1733 | 1 Mydms | 1 Mydms | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. (dot dot) sequences in the URL. | |||||
CVE-2004-2083 | 1 Opera | 1 Opera Browser | 2023-12-10 | 2.6 LOW | N/A |
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing." | |||||
CVE-1999-0118 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
AIX infod allows local users to gain root access through an X display. | |||||
CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | |||||
CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2023-12-10 | 10.0 HIGH | N/A |
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
CVE-1999-1523 | 1 Sambar | 1 Sambar Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. | |||||
CVE-2000-1116 | 1 Transsoft | 1 Broker Ftp Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long command. | |||||
CVE-1999-1509 | 1 Etype | 1 Eserv | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. | |||||
CVE-2002-1286 | 1 Microsoft | 1 Java Virtual Machine | 2023-12-10 | 7.5 HIGH | N/A |
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user. | |||||
CVE-2000-0997 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | |||||
CVE-2000-0905 | 1 Qnx | 1 Voyager | 2023-12-10 | 5.0 MEDIUM | N/A |
QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page. | |||||
CVE-2000-0588 | 1 Sawmill | 1 Sawmill | 2023-12-10 | 5.0 MEDIUM | N/A |
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands. | |||||
CVE-2004-1244 | 1 Microsoft | 1 Windows Media Player | 2023-12-10 | 7.5 HIGH | N/A |
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability." | |||||
CVE-2004-1794 | 1 Vcard4j | 1 Vcard4j | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard. | |||||
CVE-2004-1446 | 1 Juniper | 1 Netscreen Screenos | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. | |||||
CVE-2003-1506 | 1 Daniel Barron | 1 Dansguardian | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter. | |||||
CVE-2000-0502 | 1 Mcafee | 1 Virusscan | 2023-12-10 | 2.1 LOW | N/A |
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |