Vulnerabilities (CVE)

Total 250651 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1123 1 Sun 2 Jdk, Jre 2023-12-10 7.5 HIGH N/A
Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.
CVE-1999-0691 4 Cde, Digital, Ibm and 1 more 5 Cde, Unix, Aix and 2 more 2023-12-10 7.2 HIGH N/A
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
CVE-2004-1121 1 Apple 1 Safari 2023-12-10 5.0 MEDIUM N/A
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
CVE-2001-1422 1 Att 1 Winvnc 2023-12-10 7.5 HIGH N/A
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
CVE-2004-0913 1 Ecartis 1 Ecartis 2023-12-10 4.6 MEDIUM N/A
Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration.
CVE-2000-0979 1 Microsoft 4 Windows 95, Windows 98, Windows 98se and 1 more 2023-12-10 6.4 MEDIUM N/A
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
CVE-2003-0037 1 Noffle 1 Noffle 2023-12-10 7.5 HIGH N/A
Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code.
CVE-2002-1597 1 Cisco 1 Sn 5420 Storage Router Firmware 2023-12-10 5.0 MEDIUM N/A
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
CVE-2002-1903 1 University Of Washington 1 Pine 2023-12-10 5.0 MEDIUM N/A
Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
CVE-2004-0095 1 Mcafee 1 Epolicy Orchestrator 2023-12-10 5.0 MEDIUM N/A
McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.
CVE-2002-1106 1 Cisco 1 Vpn Client 2023-12-10 7.5 HIGH N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks.
CVE-2003-1204 1 Mambo 1 Mambo Site Server 2023-12-10 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php.
CVE-2000-1184 1 Freebsd 1 Freebsd 2023-12-10 5.0 MEDIUM N/A
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file.
CVE-2003-0558 1 Leapware 1 Leapftp 2023-12-10 7.5 HIGH N/A
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
CVE-2004-2108 1 Quadcomm 1 Q-shop 2023-12-10 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp.
CVE-2002-1104 1 Cisco 1 Vpn Client 2023-12-10 5.0 MEDIUM N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS).
CVE-2001-0855 1 Rational Software 1 Clearcase 2023-12-10 7.2 HIGH N/A
Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.
CVE-2001-0157 1 Palm 1 Palm Os 2023-12-10 4.6 MEDIUM N/A
Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled.
CVE-2000-0449 1 Omnis 1 Studio 2023-12-10 10.0 HIGH N/A
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields.
CVE-2002-1773 1 Mirabilis 1 Icq For Macos X 2023-12-10 7.5 HIGH N/A
Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request.