Total
247015 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0138 | 1 Andreas Mueller | 1 Cdrdao | 2023-12-10 | 2.1 LOW | N/A |
CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. | |||||
CVE-2002-2024 | 1 Horde | 1 Imp | 2023-12-10 | 5.0 MEDIUM | N/A |
Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages. | |||||
CVE-2002-1089 | 1 Oracle | 2 Application Server, Reports | 2023-12-10 | 5.0 MEDIUM | N/A |
rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks. | |||||
CVE-2002-0309 | 1 Symantec | 1 Enterprise Firewall | 2023-12-10 | 5.0 MEDIUM | N/A |
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information. | |||||
CVE-2004-0339 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter. | |||||
CVE-2000-1046 | 1 Lotus | 1 Domino | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
CVE-2001-0612 | 1 Mcafee | 1 Remote Desktop 32 | 2023-12-10 | 5.0 MEDIUM | N/A |
McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | |||||
CVE-2001-0634 | 1 Sun | 1 Chilisoft | 2023-12-10 | 7.2 HIGH | N/A |
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service. | |||||
CVE-2001-1293 | 1 3com | 1 3cr29223 | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. | |||||
CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2023-12-10 | 2.1 LOW | N/A |
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | |||||
CVE-2002-1277 | 1 Windowmaker | 1 Windowmaker | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. | |||||
CVE-2004-1755 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 7.5 HIGH | N/A |
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges. | |||||
CVE-1999-0825 | 1 Sco | 1 Unixware | 2023-12-10 | 3.6 LOW | N/A |
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. | |||||
CVE-2003-1562 | 1 Openbsd | 1 Openssh | 2023-12-10 | 7.6 HIGH | N/A |
sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190. | |||||
CVE-2002-1394 | 1 Apache | 1 Tomcat | 2023-12-10 | 7.5 HIGH | N/A |
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | |||||
CVE-2003-1406 | 1 Adalis Infomatique | 1 D Forum | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. | |||||
CVE-2001-0791 | 1 Trend Micro | 1 Interscan Viruswall | 2023-12-10 | 5.0 MEDIUM | N/A |
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access. | |||||
CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | |||||
CVE-2003-0303 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2023-12-10 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. | |||||
CVE-2002-1814 | 4 Gnome, Mandrakesoft, Redhat and 1 more | 4 Bonobo, Mandrake Linux, Linux and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. |