Total
250593 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
CVE-1999-0559 | 2023-12-10 | 10.0 HIGH | N/A | ||
A system-critical Unix file or directory has inappropriate permissions. | |||||
CVE-2002-1258 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | |||||
CVE-2000-0031 | 1 Redhat | 1 Linux | 2023-12-10 | 6.2 MEDIUM | N/A |
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. | |||||
CVE-2004-1585 | 1 Jera Technology | 1 Flash Messaging | 2023-12-10 | 5.0 MEDIUM | N/A |
Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters. | |||||
CVE-2000-0623 | 1 Oreilly | 1 Website Professional | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header. | |||||
CVE-2003-0156 | 1 Cross Referencer | 1 Lxr | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter. | |||||
CVE-2001-0444 | 1 Cisco | 1 Cbos | 2023-12-10 | 2.1 LOW | N/A |
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||||
CVE-2003-0017 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. | |||||
CVE-1999-0445 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||||
CVE-2001-0201 | 1 Umut Gokbayrak | 1 Postaci | 2023-12-10 | 7.5 HIGH | N/A |
The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program. | |||||
CVE-2002-0612 | 1 Craig Patchett | 1 Fileseek | 2023-12-10 | 7.5 HIGH | N/A |
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters. | |||||
CVE-1999-0617 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SMTP service is running. | |||||
CVE-2002-0159 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002. | |||||
CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
xsoldier program allows local users to gain root access via a long argument. | |||||
CVE-2002-1059 | 1 Van Dyke Technologies | 1 Securecrt | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string. | |||||
CVE-2000-1024 | 1 Unify | 1 Ewave Servletexec | 2023-12-10 | 10.0 HIGH | N/A |
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands. | |||||
CVE-2003-0935 | 1 Net-snmp | 1 Net-snmp | 2023-12-10 | 6.4 MEDIUM | N/A |
Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. | |||||
CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Teardrop IP denial of service. | |||||
CVE-2001-0565 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. |