Total
28647 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0904 | 1 Qnx | 1 Voyager | 2023-12-10 | 5.0 MEDIUM | N/A |
Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information. | |||||
CVE-1999-0493 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.5 HIGH | N/A |
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | |||||
CVE-2001-1207 | 1 Daydream | 1 Daydream Bbs | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA. | |||||
CVE-2001-1252 | 1 Pgp | 1 Keyserver | 2023-12-10 | 10.0 HIGH | N/A |
Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory. | |||||
CVE-2001-1566 | 2 Vanessa, Verge | 2 Vanessa Logger, Perdition | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function. | |||||
CVE-1999-0394 | 2023-12-10 | 10.0 HIGH | N/A | ||
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. | |||||
CVE-2002-0076 | 3 Hp, Microsoft, Sun | 5 Java Jre-jdk, Virtual Machine, Jdk and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. | |||||
CVE-2002-1834 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2023-12-10 | 6.4 MEDIUM | N/A |
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history. | |||||
CVE-2001-0044 | 1 Lexmark | 1 Markvision | 2023-12-10 | 7.2 HIGH | N/A |
Multiple buffer overflows in Lexmark MarkVision printer driver programs allows local users to gain privileges via long arguments to the cat_network, cat_paraller, and cat_serial commands. | |||||
CVE-2003-0636 | 1 Novell | 1 Ichain | 2023-12-10 | 7.5 HIGH | N/A |
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | |||||
CVE-1999-1060 | 1 Tetrix | 1 Tetrinet | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname. | |||||
CVE-1999-0837 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2023-12-10 | 10.0 HIGH | N/A |
Denial of service in BIND by improperly closing TCP sessions via so_linger. | |||||
CVE-1999-0684 | 1 Hp | 1 Sendmail | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in Sendmail 8.8.6 in HPUX. | |||||
CVE-2000-0439 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. | |||||
CVE-2004-0050 | 1 Verity | 1 Ultraseek | 2023-12-10 | 5.0 MEDIUM | N/A |
Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others. | |||||
CVE-1999-0808 | 1 Isc | 1 Dhcp Client | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options. | |||||
CVE-2003-0756 | 1 Sitebuilder | 1 Sitebuilder | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter. | |||||
CVE-1999-0478 | 1 Sendmail | 1 Sendmail | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections. | |||||
CVE-2004-0356 | 1 Seattle Lab Software | 1 Slmail Pro | 2023-12-10 | 10.0 HIGH | N/A |
Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version. | |||||
CVE-2002-1017 | 1 Adobe | 1 Digital Editions | 2023-12-10 | 2.1 LOW | N/A |
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. |