Total: 28647 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
---|---|---|---|---|---|---|
CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 4 Linux, Debian Linux, Linux and 1 more | 2023-12-10 | 7.5 HIGH | N/A | Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. |
CVE-2001-0381 | 1 Pgp | 1 Openpgp | 2023-12-10 | 4.6 MEDIUM | N/A | The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key. |
CVE-1999-0036 | 1 Sgi | 1 Irix | 2023-12-10 | 7.2 HIGH | N/A | IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
CVE-2004-0086 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.0 MEDIUM | N/A | Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. |
CVE-2004-2118 | 1 Tinyserver | 1 Tinyserver | 2023-12-10 | 5.0 MEDIUM | N/A | Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via a GET request with a long filename, possibly due to a buffer overflow. |
CVE-2004-1638 | 1 Tabs Laboratories | 1 Mailcarrier | 2023-12-10 | 7.5 HIGH | N/A | Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command. |
CVE-2004-1323 | 1 Netbsd | 1 Netbsd | 2023-12-10 | 2.1 LOW | N/A | Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. |
CVE-2002-0650 | 1 Microsoft | 1 Sql Server | 2023-12-10 | 5.0 MEDIUM | N/A | The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop. |
CVE-1999-0139 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A | Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2023-12-10 | 7.5 HIGH | N/A | Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. |
CVE-1999-1077 | 1 Apple | 1 Macos | 2023-12-10 | 4.6 MEDIUM | N/A | Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. |
CVE-1999-0432 | 1 Hp | 1 Hp-ux | 2023-12-10 | 4.6 MEDIUM | N/A | ftp on HP-UX 11.00 allows local users to gain privileges. |
CVE-2004-2032 | 1 Netgear | 1 Rp114 | 2023-12-10 | 7.5 HIGH | N/A | Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. |
CVE-2002-2028 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 2.1 LOW | N/A | The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. |
CVE-1999-0990 | 1 Gnome | 1 Gdm | 2023-12-10 | 2.1 LOW | N/A | Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. |
CVE-2004-1483 | 1 Symantec | 1 Clientless Vpn Gateway 4400 | 2023-12-10 | 10.0 HIGH | N/A | Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. |
CVE-2001-0829 | 1 Apache | 1 Tomcat | 2023-12-10 | 5.1 MEDIUM | N/A | A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message. |
CVE-2003-1022 | 1 Debian | 1 Fsp | 2023-12-10 | 7.5 HIGH | N/A | Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. |
CVE-2002-1936 | 1 Utstarcom | 1 Bas 1000 | 2023-12-10 | 7.5 HIGH | N/A | UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via (1) field account with a password of "*field", (2) guru account with a password of "*3noguru", (3) snmp account with a password of "snmp", or (4) dbase account with a password of "dbase". |
CVE-2002-0414 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 7.5 HIGH | N/A | KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. |