Total
248617 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1212 | 1 Maxwebportal | 1 Maxwebportal | 2023-12-10 | 7.5 HIGH | N/A |
MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | |||||
CVE-2002-2179 | 1 Unisys | 1 Clearpath Mcp | 2023-12-10 | 7.8 HIGH | N/A |
The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap. | |||||
CVE-2002-0013 | 1 Snmp | 1 Snmp | 2023-12-10 | 10.0 HIGH | N/A |
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | |||||
CVE-2002-2424 | 1 Ekilat Llc | 1 Php\(reactor\) | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag. | |||||
CVE-2000-0536 | 1 Xinetd | 1 Xinetd | 2023-12-10 | 7.5 HIGH | N/A |
xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry. | |||||
CVE-2003-0145 | 1 Lbl | 1 Tcpdump | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. | |||||
CVE-2003-0435 | 1 Typespeed | 1 Typespeed | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. | |||||
CVE-2003-0598 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0657. Reason: This candidate is a reservation duplicate of CVE-2003-0657. Notes: All CVE users should reference CVE-2003-0657 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2000-0316 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. | |||||
CVE-2001-0989 | 1 Richard Everitt | 1 Pileup | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign. | |||||
CVE-2003-0340 | 1 Demarc Security | 1 Puresecure | 2023-12-10 | 7.5 HIGH | N/A |
Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. | |||||
CVE-2000-1050 | 1 Macromedia | 1 Jrun | 2023-12-10 | 5.0 MEDIUM | N/A |
Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). | |||||
CVE-1999-1430 | 1 Royal | 1 Davinci | 2023-12-10 | 2.1 LOW | N/A |
PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access. | |||||
CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2023-12-10 | 5.0 MEDIUM | N/A |
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | |||||
CVE-2003-0463 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | |||||
CVE-2002-1255 | 1 Microsoft | 1 Outlook | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail." | |||||
CVE-2004-0573 | 1 Microsoft | 5 Frontpage, Office, Publisher and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. | |||||
CVE-2001-0481 | 1 Mandrakesoft | 1 Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. | |||||
CVE-2000-0194 | 1 Corel | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. | |||||
CVE-1999-1453 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. |