Total
247563 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1261 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1292. Reason: This candidate is a reservation duplicate of CVE-2002-1292. Notes: All CVE users should reference CVE-2002-1292 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-1999-0566 | 1 Ibm | 1 Aix | 2023-12-10 | 5.0 MEDIUM | N/A |
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||||
CVE-2004-0728 | 1 Microsoft | 1 Systems Management Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address. | |||||
CVE-1999-0062 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | |||||
CVE-2003-0743 | 1 University Of Cambridge | 1 Exim | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer. | |||||
CVE-2002-1929 | 1 Php Arena | 1 Pafiledb | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions. | |||||
CVE-2004-1774 | 1 Oracle | 2 Application Server, Oracle10g | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter. | |||||
CVE-1999-0217 | 1 Sun | 1 Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. | |||||
CVE-1999-0855 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in FreeBSD gdc program. | |||||
CVE-2003-1432 | 1 Epic Games | 2 Unreal Engine, Unreal Tournament 2003 | 2023-12-10 | 10.0 HIGH | N/A |
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file. | |||||
CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2023-12-10 | 5.0 MEDIUM | N/A |
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | |||||
CVE-2000-1181 | 1 Realnetworks | 1 Realserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. | |||||
CVE-1999-0549 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
Windows NT automatically logs in an administrator upon rebooting. | |||||
CVE-2001-1248 | 1 Vwebserver | 1 Vwebserver | 2023-12-10 | 5.0 MEDIUM | N/A |
vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20). | |||||
CVE-2003-1326 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." | |||||
CVE-2002-1023 | 1 Working Resources Inc. | 1 Badblue | 2023-12-10 | 5.0 MEDIUM | N/A |
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. | |||||
CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | |||||
CVE-1999-0681 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | |||||
CVE-2002-1375 | 2 Oracle, Symantec Veritas | 3 Mysql, Netbackup Advanced Reporter, Netbackup Global Data Manager | 2023-12-10 | 7.5 HIGH | N/A |
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. | |||||
CVE-2003-0501 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. |