Total
250745 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0390 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Dosemu Slang library in Linux. | |||||
CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
CVE-2002-0814 | 1 Vmware | 1 Gsx Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument. | |||||
CVE-2000-0630 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. | |||||
CVE-2001-1178 | 1 Xfree86 Project | 1 X11r6 | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | |||||
CVE-2003-0594 | 1 Mozilla | 1 Mozilla | 2023-12-10 | 7.5 HIGH | N/A |
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
CVE-2002-0699 | 1 Microsoft | 6 Windows 2000, Windows 98, Windows 98se and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. | |||||
CVE-2001-0836 | 1 Oracle | 1 Application Server Web Cache | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2001-0871 | 2 Alchemy Lab, Dek Software | 2 Alchemy Eye, Alchemy Network Monitor | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10. | |||||
CVE-2001-0857 | 1 Imp | 1 Webmail | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter. | |||||
CVE-2002-2306 | 1 Kazaa | 1 Kazaa Media Desktop | 2023-12-10 | 7.8 HIGH | N/A |
Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to cause a denial of service (CPU consumption) by sending several large messages. | |||||
CVE-2002-1248 | 1 Northern Solutions | 1 Xeneo Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI. | |||||
CVE-1999-0899 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. | |||||
CVE-2003-0039 | 1 Isc | 1 Dhcpd | 2023-12-10 | 5.0 MEDIUM | N/A |
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. | |||||
CVE-2003-0366 | 1 Lysator | 1 Lyskom-server | 2023-12-10 | 5.0 MEDIUM | N/A |
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query. | |||||
CVE-2002-1450 | 1 Ibm | 1 U2 Universe | 2023-12-10 | 5.0 MEDIUM | N/A |
IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. | |||||
CVE-2000-0113 | 1 Sybergen | 1 Sygate | 2023-12-10 | 7.5 HIGH | N/A |
The SyGate Remote Management program does not properly restrict access to its administration service, which allows remote attackers to cause a denial of service, or access network traffic statistics. | |||||
CVE-2002-1390 | 1 Geneweb | 1 Geneweb | 2023-12-10 | 5.0 MEDIUM | N/A |
The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL. | |||||
CVE-1999-1541 | 1 Cactus Software | 1 Shell-lock | 2023-12-10 | 7.2 HIGH | N/A |
shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file. | |||||
CVE-2002-0841 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0842. Reason: This candidate is a duplicate of CVE-2002-0842. The duplicate assignment was made before public disclosure. Notes: none |