Total
92460 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0923 | 1 Aplio | 1 Aplio Phone | 2023-12-10 | 7.5 HIGH | N/A |
| authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter. | |||||
| CVE-2001-0561 | 1 Drummond Miles | 1 A1stats | 2023-12-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi. | |||||
| CVE-2003-0219 | 1 Kerio | 1 Personal Firewall 2 | 2023-12-10 | 7.5 HIGH | N/A |
| Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. | |||||
| CVE-2002-2243 | 1 Akfingerd | 1 Akfingerd | 2023-12-10 | 5.0 MEDIUM | N/A |
| Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it. | |||||
| CVE-2001-0894 | 1 Wietse Venema | 1 Postfix | 2023-12-10 | 5.0 MEDIUM | N/A |
| Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which forces the SMTP session log to grow too large. | |||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | |||||
| CVE-2002-2114 | 1 Netjuke | 1 Netjuke | 2023-12-10 | 7.5 HIGH | N/A |
| Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call. | |||||
| CVE-2003-0992 | 1 Gnu | 1 Mailman | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | |||||
| CVE-2000-0683 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. | |||||
| CVE-2004-0751 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). | |||||
| CVE-2000-0558 | 1 Hp | 1 Openview Network Node Manager | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345. | |||||
| CVE-2002-0957 | 1 Iss | 1 Blackice Agent | 2023-12-10 | 5.0 MEDIUM | N/A |
| The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user. | |||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2001-1280 | 1 Ipswitch | 1 Imail | 2023-12-10 | 5.0 MEDIUM | N/A |
| POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. | |||||
| CVE-2002-1004 | 1 Argosoft | 1 Argosoft Mail Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | |||||
| CVE-2002-1373 | 1 Oracle | 1 Mysql | 2023-12-10 | 5.0 MEDIUM | N/A |
| Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call. | |||||
| CVE-2002-1779 | 1 Symantec | 1 Norton Personal Firewall | 2023-12-10 | 7.5 HIGH | N/A |
| The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305). | |||||
| CVE-2001-0992 | 1 Kabotie Software Technologies | 1 Shopplus Cart | 2023-12-10 | 7.5 HIGH | N/A |
| shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter. | |||||
| CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | |||||
| CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2023-12-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||