Total
248649 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1139 | 1 Musicqueue | 1 Musicqueue | 2023-12-10 | 5.0 MEDIUM | N/A |
Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file. | |||||
CVE-2002-0065 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2023-12-10 | 7.2 HIGH | N/A |
Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. | |||||
CVE-2001-1219 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. | |||||
CVE-1999-0334 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. | |||||
CVE-2001-0437 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file. | |||||
CVE-2000-0408 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability. | |||||
CVE-2004-0394 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. | |||||
CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | |||||
CVE-2004-0312 | 1 Linksys | 1 Wap55ag | 2023-12-10 | 6.4 MEDIUM | N/A |
Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. | |||||
CVE-1999-1303 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
CVE-2000-0334 | 1 Allaire | 1 Spectra | 2023-12-10 | 2.1 LOW | N/A |
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. | |||||
CVE-2004-0753 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2023-12-10 | 5.0 MEDIUM | N/A |
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file. | |||||
CVE-1999-0465 | 2023-12-10 | 10.0 HIGH | N/A | ||
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. | |||||
CVE-1999-0796 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.5 HIGH | N/A |
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. | |||||
CVE-2000-0024 | 1 Microsoft | 3 Internet Information Server, Site Server, Site Server Commerce | 2023-12-10 | 6.4 MEDIUM | N/A |
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. | |||||
CVE-2002-1179 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. | |||||
CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2023-12-10 | 5.0 MEDIUM | N/A |
WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | |||||
CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
CVE-2004-0099 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.6 MEDIUM | N/A |
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. | |||||
CVE-2004-1766 | 1 Juniper | 1 Netscreen-security Manager 2004 | 2023-12-10 | 5.0 MEDIUM | N/A |
The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing. |