Total
90738 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0299 | 2 Mutt, Stuart Parmenter | 2 Mutt, Balsa | 2023-12-10 | 7.5 HIGH | N/A |
The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. | |||||
CVE-2002-1308 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. | |||||
CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2023-12-10 | 7.1 HIGH | N/A |
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | |||||
CVE-2002-1398 | 1 Postgresql | 1 Postgresql | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input." | |||||
CVE-2002-1825 | 1 Wasd | 1 Wasd Http Server | 2023-12-10 | 6.4 MEDIUM | N/A |
Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable. | |||||
CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
CVE-2001-0013 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
CVE-1999-1328 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack. | |||||
CVE-2000-0387 | 1 Alexander Siegel | 1 Golddig | 2023-12-10 | 2.1 LOW | N/A |
The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. | |||||
CVE-2004-0118 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | |||||
CVE-2003-1224 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 2.1 LOW | N/A |
Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen. | |||||
CVE-2004-1973 | 1 Digi | 1 Www Server | 2023-12-10 | 5.0 MEDIUM | N/A |
DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters. | |||||
CVE-1999-1458 | 1 Digital | 1 Unix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | |||||
CVE-2000-0953 | 1 Evolvable Corporation | 1 Shambala Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection. | |||||
CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2023-12-10 | 2.1 LOW | N/A |
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | |||||
CVE-2004-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | |||||
CVE-2001-0305 | 1 Thinking Arts | 1 Es.one | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter. | |||||
CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2023-12-10 | 7.5 HIGH | N/A |
Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
CVE-2004-2048 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | |||||
CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. |