Total
249041 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0394 | 1 Red-m | 1 1050ap Lan Acess Point | 2023-12-10 | 10.0 HIGH | N/A |
Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords. | |||||
CVE-2004-1605 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2023-12-10 | 7.5 HIGH | N/A |
SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator. | |||||
CVE-2002-1214 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. | |||||
CVE-2001-0796 | 2 Freebsd, Sgi | 2 Freebsd, Irix | 2023-12-10 | 5.0 MEDIUM | N/A |
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | |||||
CVE-2004-1394 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 4.6 MEDIUM | N/A |
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges. | |||||
CVE-2004-0601 | 1 Distcc | 1 Distcc | 2023-12-10 | 7.5 HIGH | N/A |
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions. | |||||
CVE-2002-0482 | 1 Newlog | 1 Netsupport Manager | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. | |||||
CVE-1999-1550 | 1 F5 | 1 Tmos | 2023-12-10 | 5.0 MEDIUM | N/A |
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter. | |||||
CVE-1999-0870 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. | |||||
CVE-2004-0238 | 1 0verkill | 1 0verkill | 2023-12-10 | 7.2 HIGH | N/A |
Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code in the client via a long HOME environment variable in the (1) load_cfg and (2) save_cfg functions; possibly allow remote attackers to execute arbitrary code via long strings to (3) the send_message function; and, in the server, via (4) the parse_command_line function. | |||||
CVE-2004-0630 | 1 Adobe | 1 Acrobat Reader | 2023-12-10 | 10.0 HIGH | N/A |
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. | |||||
CVE-2002-0107 | 1 Cacheflow | 1 Cacheos | 2023-12-10 | 5.0 MEDIUM | N/A |
Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked in the error message. | |||||
CVE-2004-0181 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. | |||||
CVE-2000-0178 | 1 Foundrynet | 1 Serveriron | 2023-12-10 | 7.5 HIGH | N/A |
ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. | |||||
CVE-2003-0679 | 1 Sgi | 1 Irix | 2023-12-10 | 2.1 LOW | N/A |
Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files. | |||||
CVE-2000-0678 | 1 Pgp | 1 Pgp | 2023-12-10 | 5.0 MEDIUM | N/A |
PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been encrypted with the modified certificate. | |||||
CVE-2000-0759 | 1 Apache | 1 Tomcat | 2023-12-10 | 6.4 MEDIUM | N/A |
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | |||||
CVE-2001-0987 | 1 Nathan Neulinger | 1 Cgiwrap | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap. | |||||
CVE-2002-1770 | 1 Qualcomm | 1 Eudora | 2023-12-10 | 5.0 MEDIUM | N/A |
Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. | |||||
CVE-1999-0679 | 1 Hybrid Network | 1 Hybrid Ircd | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option. |