Total
90913 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0940 | 1 Sap | 1 Sap Db | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | |||||
CVE-2001-1349 | 1 Sendmail | 1 Sendmail | 2023-12-10 | 3.7 LOW | N/A |
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | |||||
CVE-2004-0819 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet. | |||||
CVE-2002-1225 | 1 Kth | 1 Heimdal | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access. | |||||
CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2023-12-10 | 1.2 LOW | N/A |
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-1999-1059 | 1 Att | 1 Svr4 | 2023-12-10 | 10.0 HIGH | N/A |
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. | |||||
CVE-2004-1451 | 1 Mozilla | 1 Mozilla | 2023-12-10 | 2.6 LOW | N/A |
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. | |||||
CVE-2003-1176 | 1 Bdc Enterprises | 1 Web Wiz Forums | 2023-12-10 | 6.4 MEDIUM | N/A |
post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter. | |||||
CVE-2001-1472 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 4.6 MEDIUM | N/A |
SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter. | |||||
CVE-2001-0354 | 1 Thenet | 1 Checkbo | 2023-12-10 | 5.0 MEDIUM | N/A |
TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on. | |||||
CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2023-12-10 | 5.0 MEDIUM | N/A |
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
CVE-2002-2133 | 1 Telindus | 1 1120 Adsl Router | 2023-12-10 | 10.0 HIGH | N/A |
Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password. | |||||
CVE-2004-0085 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086. | |||||
CVE-2000-1139 | 1 Microsoft | 1 Exchange Server | 2023-12-10 | 7.5 HIGH | N/A |
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. | |||||
CVE-2001-0951 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters. | |||||
CVE-2002-1812 | 1 Gdam | 1 Gdam | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter. | |||||
CVE-2001-0599 | 1 Sybase | 1 Adaptive Server Anywhere | 2023-12-10 | 5.0 MEDIUM | N/A |
Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638. | |||||
CVE-2002-1692 | 1 Microsoft | 1 Windows 95 | 2023-12-10 | 3.6 LOW | N/A |
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up. | |||||
CVE-2003-0778 | 1 Sane | 2 Sane, Sane-backend | 2023-12-10 | 5.0 MEDIUM | N/A |
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption). | |||||
CVE-2002-0490 | 1 Instant Web Mail | 1 Instant Web Mail | 2023-12-10 | 10.0 HIGH | N/A |
Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php. |