Vulnerabilities (CVE)

Total 250651 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0501 1 Posadis 1 Posadis 2023-12-10 7.2 HIGH N/A
Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages.
CVE-2000-0045 1 Oracle 1 Mysql 2023-12-10 6.4 MEDIUM N/A
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
CVE-2000-1109 1 Midnight Commander 1 Midnight Commander 2023-12-10 4.6 MEDIUM N/A
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
CVE-2001-0571 1 Elron 2 Im Anti Virus, Im Message Inspector 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in the web server for (1) Elron Internet Manager (IM) Message Inspector and (2) Anti-Virus before 3.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the requested URL.
CVE-1999-0945 1 Microsoft 1 Exchange Server 2023-12-10 5.0 MEDIUM N/A
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
CVE-2000-0692 1 Iss 1 Realsecure 2023-12-10 5.0 MEDIUM N/A
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.
CVE-1999-0470 1 Novell 1 Netware 2023-12-10 5.0 MEDIUM N/A
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
CVE-2002-0493 1 Apache 1 Tomcat 2023-12-10 7.5 HIGH N/A
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CVE-2003-0110 1 Microsoft 2 Isa Server, Proxy Server 2023-12-10 5.0 MEDIUM N/A
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.
CVE-2002-2002 1 Compaq 1 Tru64 2023-12-10 7.5 HIGH N/A
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.
CVE-2001-1575 1 Apple 1 Personal Web Sharing 2023-12-10 5.0 MEDIUM N/A
Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.
CVE-2000-0760 1 Apache 1 Tomcat 2023-12-10 6.4 MEDIUM N/A
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
CVE-2003-1215 1 Phpbb Group 1 Phpbb 2023-12-10 4.6 MEDIUM N/A
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.
CVE-2002-0239 1 Hanterm 1 Hanterm 2023-12-10 7.2 HIGH N/A
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.
CVE-2004-0587 3 Mandrakesoft, Redhat, Suse 4 Mandrake Linux, Mandrake Linux Corporate Server, Fedora Core and 1 more 2023-12-10 2.1 LOW N/A
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
CVE-2002-1748 1 Open Source Development Network 1 Slashcode 2023-12-10 7.2 HIGH N/A
Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.
CVE-2004-0403 1 Kame 1 Racoon 2023-12-10 5.0 MEDIUM N/A
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
CVE-2003-0603 1 Mozilla 1 Bugzilla 2023-12-10 2.1 LOW N/A
Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.
CVE-2002-1195 1 Gabriele Bartolini 1 Ht Check 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page.
CVE-2002-0175 1 Avaya 1 Libsafe 2023-12-10 4.6 MEDIUM N/A
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.