Total
250086 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0243 | 1 Microsoft | 1 Windows Media Player | 2023-12-10 | 5.0 MEDIUM | N/A |
| Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files. | |||||
| CVE-1999-0122 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in AIX lchangelv gives root access. | |||||
| CVE-2002-1441 | 1 Tomahawk Technologies | 1 Steelarrow | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request. | |||||
| CVE-2000-0298 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.2 HIGH | N/A |
| The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories. | |||||
| CVE-2002-0446 | 1 Black Tie Project | 1 Black Tie Project | 2023-12-10 | 5.0 MEDIUM | N/A |
| categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message. | |||||
| CVE-2004-0392 | 1 Kame | 1 Racoon | 2023-12-10 | 5.0 MEDIUM | N/A |
| racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields. | |||||
| CVE-2000-0765 | 1 Microsoft | 3 Excel, Powerpoint, Word | 2023-12-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability. | |||||
| CVE-2003-0982 | 1 Cisco | 9 Application And Content Networking Software, Content Distribution Manager 4630, Content Distribution Manager 4650 and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password. | |||||
| CVE-2004-2055 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter. | |||||
| CVE-2000-0780 | 1 Ipswitch | 1 Imail | 2023-12-10 | 6.4 MEDIUM | N/A |
| The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2004-0090 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 10.0 HIGH | N/A |
| Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors. | |||||
| CVE-2002-2271 | 1 Bigfun | 1 Bigfun | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | |||||
| CVE-2003-1298 | 1 Anyportal Php | 1 Anyportal Php | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot). | |||||
| CVE-2003-0897 | 1 Microsoft | 1 Windows Xp | 2023-12-10 | 4.6 MEDIUM | N/A |
| "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications. | |||||
| CVE-2000-0681 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. | |||||
| CVE-2000-1157 | 1 Network Associates | 1 Sniffer Agent | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name. | |||||
| CVE-1999-0620 | 2023-12-10 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NIS is running. | |||||
| CVE-2001-0939 | 1 Lotus | 1 Domino | 2023-12-10 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443. | |||||
| CVE-2002-1723 | 1 Powerboards | 1 Powerboards | 2023-12-10 | 5.0 MEDIUM | N/A |
| Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message. | |||||
| CVE-2000-0193 | 1 Corel | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
| The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. | |||||