Total
250089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0545 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
| LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2004-1433 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets. | |||||
| CVE-2002-2128 | 1 W-agora | 1 W-agora | 2023-12-10 | 4.6 MEDIUM | N/A |
| editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter. | |||||
| CVE-2001-0179 | 1 Macromedia | 1 Jrun | 2023-12-10 | 5.0 MEDIUM | N/A |
| Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." | |||||
| CVE-2000-0831 | 1 Fastream | 1 Ftp\+\+ Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username. | |||||
| CVE-2001-0112 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2023-12-10 | 7.2 HIGH | N/A |
| Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. | |||||
| CVE-2003-0972 | 1 Gnu | 1 Screen | 2023-12-10 | 10.0 HIGH | N/A |
| Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | |||||
| CVE-2000-1131 | 1 Bill Kendrick | 1 Gbook.cgi | 2023-12-10 | 7.5 HIGH | N/A |
| Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable. | |||||
| CVE-2003-1421 | 1 Suckbot | 1 Suckbot | 2023-12-10 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors. | |||||
| CVE-2003-1157 | 1 Citrix | 1 Metaframe | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | |||||
| CVE-1999-0047 | 3 Bsdi, Caldera, Eric Allman | 3 Bsd Os, Openlinux, Sendmail | 2023-12-10 | 10.0 HIGH | N/A |
| MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | |||||
| CVE-2002-0419 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
| Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the realm for Basic authentication, which could reveal real IP addresses that were obscured by NAT, or (3) when NTLM authentication is used, the NetBIOS name of the server and its Windows NT domain are revealed in response to an Authorization request. NOTE: this entry originally contained a vector (1) in which the server reveals whether it supports Basic or NTLM authentication through 401 Access Denied error messages. CVE has REJECTED this vector; it is not a vulnerability because the information is already available through legitimate use, since authentication cannot proceed without specifying a scheme that is supported by both the client and the server. | |||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2004-1905 | 1 Panda | 1 Activescan | 2023-12-10 | 5.0 MEDIUM | N/A |
| ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) by calling the SetSitesFile function. | |||||
| CVE-2002-0284 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 2.6 LOW | N/A |
| Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | |||||
| CVE-2000-0561 | 1 International Telecommunications | 1 International Telecommunications Webbbs | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request. | |||||
| CVE-2003-1052 | 1 Ibm | 2 Db2, Db2 Universal Database | 2023-12-10 | 7.2 HIGH | N/A |
| IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. | |||||
| CVE-2000-0549 | 2 Cygnus, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2001-0786 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. | |||||
| CVE-2002-1647 | 1 Slashcode.com | 1 Slash | 2023-12-10 | 5.0 MEDIUM | N/A |
| The quick login feature in Slash Slashcode does not redirect the user to an alternate URL when the wrong password is provided, which makes it easier for remote web sites to guess the proper passwords by reading the username and password from the Referrer URL. | |||||