Total
28646 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
| CVE-2004-0099 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.6 MEDIUM | N/A |
| mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. | |||||
| CVE-2004-1766 | 1 Juniper | 1 Netscreen-security Manager 2004 | 2023-12-10 | 5.0 MEDIUM | N/A |
| The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing. | |||||
| CVE-2001-1186 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection. | |||||
| CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. | |||||
| CVE-2003-1126 | 1 Sun | 1 One Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | |||||
| CVE-1999-1264 | 1 Ramp Networks | 1 Webramp | 2023-12-10 | 7.5 HIGH | N/A |
| WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled. | |||||
| CVE-2001-1467 | 1 Don Libes | 1 Expect | 2023-12-10 | 7.5 HIGH | N/A |
| mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks. | |||||
| CVE-2003-1005 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | |||||
| CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
| Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||||
| CVE-2003-0700 | 1 Redhat | 1 Kernel | 2023-12-10 | 7.5 HIGH | N/A |
| The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | |||||
| CVE-2002-2125 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 6.4 MEDIUM | N/A |
| Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack. | |||||
| CVE-2002-0037 | 1 Ibm | 1 Lotus Domino Server | 2023-12-10 | 7.5 HIGH | N/A |
| Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. | |||||
| CVE-1999-0775 | 1 Cisco | 1 Ios | 2023-12-10 | 10.0 HIGH | N/A |
| Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | |||||
| CVE-1999-0295 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. | |||||
| CVE-2004-0524 | 1 Thiago Melo De Paula | 1 Change Passwd | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name. | |||||
| CVE-2000-0872 | 1 Nathan Purciful | 1 Phpphotoalbum | 2023-12-10 | 5.0 MEDIUM | N/A |
| explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0357 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
| ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. | |||||
| CVE-2004-0561 | 1 University Of Minnesota | 1 Gopherd | 2023-12-10 | 7.5 HIGH | N/A |
| Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-0540 | 1 Nortel | 1 Cvx 1800 Multi-service Access Switch | 2023-12-10 | 7.5 HIGH | N/A |
| Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. | |||||