Total
250599 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0825 | 1 Padl Software | 1 Nss Ldap | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2002-0813 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | |||||
CVE-2004-1877 | 1 Oracle | 2 Application Server, Http Server | 2023-12-10 | 2.6 LOW | N/A |
The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password. | |||||
CVE-2004-2143 | 1 Mambo | 1 Mambo Portal | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option. | |||||
CVE-2003-1266 | 1 Etype | 1 Eserv | 2023-12-10 | 5.0 MEDIUM | N/A |
The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | |||||
CVE-2001-0146 | 1 Microsoft | 2 Exchange Server, Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. | |||||
CVE-2002-0714 | 1 Squid | 1 Squid | 2023-12-10 | 7.5 HIGH | N/A |
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. | |||||
CVE-2004-0720 | 1 Apple | 1 Safari | 2023-12-10 | 7.5 HIGH | N/A |
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-2001-0147 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | |||||
CVE-2002-2191 | 1 Lotus | 1 Domino | 2023-12-10 | 5.0 MEDIUM | N/A |
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. | |||||
CVE-2001-0700 | 1 W3m | 1 W3m | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header. | |||||
CVE-2003-1153 | 1 Bytehoard | 1 Bytehoard | 2023-12-10 | 5.0 MEDIUM | N/A |
byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php. | |||||
CVE-2004-2146 | 1 Pd9 Software | 1 Megabbs | 2023-12-10 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp. | |||||
CVE-1999-0210 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 10.0 HIGH | N/A |
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. | |||||
CVE-2003-0023 | 1 Rxvt | 1 Rxvt | 2023-12-10 | 5.0 MEDIUM | N/A |
The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
CVE-1999-0625 | 2023-12-10 | N/A | N/A | ||
The rpc.rquotad service is running. | |||||
CVE-2000-0592 | 1 Sapporoworks | 1 Sapporoworks Winproxy | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands. | |||||
CVE-2004-2102 | 1 Freesco | 1 Freesco | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to inject arbitrary web script or HTML via the test parameter. | |||||
CVE-2002-0853 | 1 Cisco | 1 Vpn Client | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload. | |||||
CVE-2002-1281 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL. |