Total
247027 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0204 | 4 Bea, Borland Software, Businessobjects and 1 more | 9 Weblogic Server, J Builder, Crystal Enterprise and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx. | |||||
CVE-1999-1387 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. | |||||
CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2023-12-10 | 7.5 HIGH | N/A |
The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2003-0207 | 1 Gs-common | 1 Gs-common | 2023-12-10 | 2.1 LOW | N/A |
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files. | |||||
CVE-2001-0887 | 1 Oliver Rauch | 1 Xsane | 2023-12-10 | 1.2 LOW | N/A |
xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files. | |||||
CVE-1999-0183 | 2 Linux, Tftp | 2 Linux Kernel, Tftp | 2023-12-10 | 6.4 MEDIUM | N/A |
Linux implementations of TFTP would allow access to files outside the restricted directory. | |||||
CVE-2000-0484 | 1 Max Feoktistov | 1 Small Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowed buffer crashes into a Structured Exception Handler resulting in a Denial of Service. | |||||
CVE-2004-1320 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2023-12-10 | 7.5 HIGH | N/A |
Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access. | |||||
CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | |||||
CVE-2003-0826 | 1 Gnu | 1 Lsh | 2023-12-10 | 7.5 HIGH | N/A |
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. | |||||
CVE-2002-1988 | 1 Caucho Technology | 1 Resin | 2023-12-10 | 5.0 MEDIUM | N/A |
Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources. | |||||
CVE-2004-1492 | 1 Quicksilver | 1 Master Of Orion Iii | 2023-12-10 | 5.0 MEDIUM | N/A |
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | |||||
CVE-2000-0575 | 1 Ssh | 1 Ssh | 2023-12-10 | 7.2 HIGH | N/A |
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS. | |||||
CVE-2003-1214 | 1 Visualshapers | 1 Ezcontents | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions. | |||||
CVE-2002-1413 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. | |||||
CVE-2003-0167 | 1 Mutt | 1 Mutt | 2023-12-10 | 7.5 HIGH | N/A |
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. | |||||
CVE-1999-1454 | 1 Macromedia | 1 Matrix Screen Saver | 2023-12-10 | 4.6 MEDIUM | N/A |
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key. | |||||
CVE-2004-0774 | 1 Realnetworks | 2 Helix Universal Mobile Server And Gateway, Helix Universal Server | 2023-12-10 | 7.8 HIGH | N/A |
RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length header set to -1. | |||||
CVE-1999-0342 | 1 Pam | 1 Pam | 2023-12-10 | 6.2 MEDIUM | N/A |
Linux PAM modules allow local users to gain root access using temporary files. | |||||
CVE-2002-0536 | 1 Phpgroupware | 1 Phpgroupware | 2023-12-10 | 7.5 HIGH | N/A |
PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack. |