Total
248932 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1661 | 1 Sitecubed | 1 Mailworks Professional | 2023-12-10 | 7.5 HIGH | N/A |
MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1." | |||||
CVE-2002-2401 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 3.6 LOW | N/A |
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | |||||
CVE-2002-0231 | 1 Khaled Mardam-bey | 1 Mirc | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname. | |||||
CVE-2004-0418 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | |||||
CVE-2001-0002 | 1 Microsoft | 2 Internet Explorer, Windows Script Host | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | |||||
CVE-2003-1439 | 1 Silc | 1 Secure Internet Live Conferencing | 2023-12-10 | 4.3 MEDIUM | N/A |
Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. | |||||
CVE-2001-0360 | 1 Ikonboard.com | 1 Ikonboard | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter. | |||||
CVE-1999-0961 | 1 Hp | 1 Hp-ux | 2023-12-10 | 6.2 MEDIUM | N/A |
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. | |||||
CVE-2002-2390 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||||
CVE-1999-0966 | 1 Sun | 1 Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. | |||||
CVE-2000-0761 | 1 Ibm | 1 Os2 Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username. | |||||
CVE-2002-0030 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2023-12-10 | 4.6 MEDIUM | N/A |
The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. | |||||
CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | |||||
CVE-1999-0003 | 5 Hp, Ibm, Sgi and 2 more | 6 Hp-ux, Aix, Irix and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). | |||||
CVE-2001-0601 | 1 Lotus | 1 Domino R5 Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters. | |||||
CVE-2004-1490 | 1 Opera | 1 Opera Browser | 2023-12-10 | 2.6 LOW | N/A |
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers. | |||||
CVE-2003-0739 | 1 Vmware | 1 Workstation | 2023-12-10 | 4.6 MEDIUM | N/A |
VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. | |||||
CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | |||||
CVE-2001-1045 | 1 Basilix | 1 Basilix Webmail | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter. | |||||
CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Land IP denial of service. |