Total
248586 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0334 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. | |||||
CVE-2001-0437 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file. | |||||
CVE-2000-0408 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability. | |||||
CVE-2004-0394 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. | |||||
CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | |||||
CVE-2004-0312 | 1 Linksys | 1 Wap55ag | 2023-12-10 | 6.4 MEDIUM | N/A |
Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. | |||||
CVE-1999-1303 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
CVE-2000-0334 | 1 Allaire | 1 Spectra | 2023-12-10 | 2.1 LOW | N/A |
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. | |||||
CVE-2004-0753 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2023-12-10 | 5.0 MEDIUM | N/A |
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file. | |||||
CVE-1999-0465 | 2023-12-10 | 10.0 HIGH | N/A | ||
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. | |||||
CVE-1999-0796 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.5 HIGH | N/A |
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. | |||||
CVE-2000-0024 | 1 Microsoft | 3 Internet Information Server, Site Server, Site Server Commerce | 2023-12-10 | 6.4 MEDIUM | N/A |
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. | |||||
CVE-2002-1179 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. | |||||
CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2023-12-10 | 5.0 MEDIUM | N/A |
WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | |||||
CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
CVE-2004-0099 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.6 MEDIUM | N/A |
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. | |||||
CVE-2004-1766 | 1 Juniper | 1 Netscreen-security Manager 2004 | 2023-12-10 | 5.0 MEDIUM | N/A |
The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing. | |||||
CVE-2001-1186 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection. | |||||
CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. | |||||
CVE-2003-1126 | 1 Sun | 1 One Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. |