Total
248823 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2023-12-10 | 7.5 HIGH | N/A |
| Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | |||||
| CVE-2003-0949 | 1 Michael Bischoff | 1 Xsok | 2023-12-10 | 4.6 MEDIUM | N/A |
| xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands. | |||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2023-12-10 | 7.2 HIGH | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
| CVE-2003-1128 | 1 X2 Studios | 1 Xmms Remote | 2023-12-10 | 7.5 HIGH | N/A |
| XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | |||||
| CVE-2004-0056 | 1 Nortel | 3 802.11 Wireless Ip Gateway, Business Communications Manager, Succession Communication Server 1000 | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | |||||
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
| CVE-2001-0778 | 1 Omnicron | 1 Omnihttpd | 2023-12-10 | 5.0 MEDIUM | N/A |
| OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20). | |||||
| CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | |||||
| CVE-2001-0826 | 1 Aclogic | 1 Cesarftp | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD. | |||||
| CVE-2003-0286 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. | |||||
| CVE-2000-1038 | 1 Ibm | 1 As400 Firewall | 2023-12-10 | 5.0 MEDIUM | N/A |
| The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request. | |||||
| CVE-2000-0248 | 1 Redhat | 1 Linux | 2023-12-10 | 10.0 HIGH | N/A |
| The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-0245 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.6 MEDIUM | N/A |
| Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". | |||||
| CVE-2004-0579 | 2 Debian, William Deich | 2 Debian Linux, Super | 2023-12-10 | 7.2 HIGH | N/A |
| Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root. | |||||
| CVE-2002-0371 | 2 Microsoft, University Of Minnesota | 4 Internet Explorer, Isa Server, Proxy Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. | |||||
| CVE-2003-0986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-12-10 | 1.7 LOW | N/A |
| Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. | |||||
| CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | |||||
| CVE-1999-0647 | 2023-12-10 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The bootparam (bootparamd) service is running. | |||||
| CVE-2000-1138 | 1 Ibm | 1 Lotus Notes | 2023-12-10 | 7.5 HIGH | N/A |
| Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. | |||||
| CVE-1999-1200 | 1 Vintra Systems | 1 Smtp Mailserver | 2023-12-10 | 5.0 MEDIUM | N/A |
| Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command. | |||||