Total: 28646 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
---|---|---|---|---|---|---|
CVE-2000-0873 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A | netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. |
CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2023-12-10 | 5.0 MEDIUM | N/A | SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. |
CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A | Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. |
CVE-2000-0392 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2023-12-10 | 7.2 HIGH | N/A | Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
CVE-2002-1120 | 1 Savant | 1 Savant Web Server | 2023-12-10 | 7.5 HIGH | N/A | Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. |
CVE-2000-0490 | 1 Netwin | 1 Dmail | 2023-12-10 | 10.0 HIGH | N/A | Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request. |
CVE-2002-1393 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A | Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. |
CVE-2002-1378 | 1 Openldap | 1 Openldap | 2023-12-10 | 7.5 HIGH | N/A | Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. |
CVE-2000-0506 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 10.0 HIGH | N/A | The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability." |
CVE-2002-2007 | 1 Apache | 1 Tomcat | 2023-12-10 | 5.0 MEDIUM | N/A | The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages. |
CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 5.0 MEDIUM | N/A | FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. |
CVE-2000-0047 | 1 Yahoo | 1 Pager | 2023-12-10 | 5.0 MEDIUM | N/A | Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. |
CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page Cgi | 2023-12-10 | 7.5 HIGH | N/A | page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. |
CVE-2001-0844 | 1 Seth Leonard | 2 Book Of Guests, Post It | 2023-12-10 | 7.5 HIGH | N/A | Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter. |
CVE-2001-1032 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 7.5 HIGH | N/A | admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy. |
CVE-2002-1468 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A | Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. |
CVE-2001-1488 | 1 Open Projects Network | 1 Open Projects Network Ircd | 2023-12-10 | 5.0 MEDIUM | N/A | Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon. |
CVE-2001-0335 | 1 Microsoft | 1 Internet Information Server | 2023-12-10 | 5.0 MEDIUM | N/A | FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters. |
CVE-2002-1494 | 1 Aestiva | 1 Html Os | 2023-12-10 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message. |
CVE-1999-0924 | 1 Allaire | 1 Coldfusion Server | 2023-12-10 | 5.0 MEDIUM | N/A | The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. |