Total
248688 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0115 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. | |||||
| CVE-2001-0895 | 1 Cisco | 11 Catalyst 2900xl, Catalyst 2948g-l3, Catalyst 2950 and 8 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table. | |||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2023-12-10 | 5.0 MEDIUM | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | |||||
| CVE-1999-1422 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
| The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. | |||||
| CVE-2000-0769 | 1 Oreilly | 1 Website Pro | 2023-12-10 | 7.5 HIGH | N/A |
| O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe. | |||||
| CVE-2000-0282 | 1 Talentsoft | 1 Web\+ | 2023-12-10 | 5.0 MEDIUM | N/A |
| TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. | |||||
| CVE-2002-1546 | 1 Brs | 1 Webweaver | 2023-12-10 | 7.5 HIGH | N/A |
| BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | |||||
| CVE-2004-2183 | 1 Wehelpbus | 1 Wehelpbus | 2023-12-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | |||||
| CVE-2003-0531 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. | |||||
| CVE-2003-0839 | 1 Microsoft | 1 Windows 2003 Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. | |||||
| CVE-2000-0770 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 6.4 MEDIUM | N/A |
| IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. | |||||
| CVE-2003-1212 | 1 Maxwebportal | 1 Maxwebportal | 2023-12-10 | 7.5 HIGH | N/A |
| MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | |||||
| CVE-2002-2179 | 1 Unisys | 1 Clearpath Mcp | 2023-12-10 | 7.8 HIGH | N/A |
| The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap. | |||||
| CVE-2002-0013 | 1 Snmp | 1 Snmp | 2023-12-10 | 10.0 HIGH | N/A |
| Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | |||||
| CVE-2002-2424 | 1 Ekilat Llc | 1 Php\(reactor\) | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag. | |||||
| CVE-2000-0536 | 1 Xinetd | 1 Xinetd | 2023-12-10 | 7.5 HIGH | N/A |
| xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry. | |||||
| CVE-2003-0145 | 1 Lbl | 1 Tcpdump | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. | |||||
| CVE-2003-0435 | 1 Typespeed | 1 Typespeed | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2003-0598 | 2023-12-10 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0657. Reason: This candidate is a reservation duplicate of CVE-2003-0657. Notes: All CVE users should reference CVE-2003-0657 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
| CVE-2000-0316 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. | |||||