Total
246952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | |||||
| CVE-2002-0895 | 1 Matu | 1 Matu Ftp | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command. | |||||
| CVE-2001-0007 | 1 Netscreen | 1 Screen Os | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. | |||||
| CVE-2004-1658 | 1 Kerio | 1 Personal Firewall | 2023-12-10 | 4.6 MEDIUM | N/A |
| Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. | |||||
| CVE-2002-1784 | 1 Hp | 1 Tru64 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors. | |||||
| CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2023-12-10 | 7.5 HIGH | N/A |
| NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
| CVE-2000-0840 | 1 Davide Libenzi | 1 Xmail | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. | |||||
| CVE-2001-0854 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 5.0 MEDIUM | N/A |
| PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user. | |||||
| CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
| CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | |||||
| CVE-2004-2236 | 1 Moodle | 1 Moodle | 2023-12-10 | 10.0 HIGH | N/A |
| Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | |||||
| CVE-2004-0834 | 3 Gentoo, Mandrakesoft, Speedtouch | 5 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
| Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. | |||||
| CVE-2001-0965 | 1 Glftpd | 1 Glftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
| glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters. | |||||
| CVE-2003-0470 | 1 Symantec | 1 Security Check | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | |||||
| CVE-2004-1644 | 1 Jerod Moemeka | 1 Xedus | 2023-12-10 | 5.0 MEDIUM | N/A |
| Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address. | |||||
| CVE-2000-1104 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 7.5 HIGH | N/A |
| Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site. | |||||
| CVE-2001-0328 | 2023-12-10 | 5.0 MEDIUM | N/A | ||
| TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN. | |||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2023-12-10 | 2.1 LOW | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||
| CVE-2004-1655 | 1 Phpwebsite | 1 Phpwebsite | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) CM_pid parameter in the comments module or (2) the subject or message fields in the notes module. | |||||
| CVE-2002-1917 | 1 Geeklog | 1 Geeklog | 2023-12-10 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header. | |||||
| CVE-2001-1009 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 10.0 HIGH | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | |||||