Total
250331 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1143 | 1 Microsoft | 2 Excel, Word | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure." | |||||
| CVE-2002-0964 | 1 Valve Software | 2 Half-life, Half-life Dedicated Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out. | |||||
| CVE-1999-0747 | 1 Bsdi | 1 Bsd Os | 2023-12-10 | 2.1 LOW | N/A |
| Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load. | |||||
| CVE-2002-0141 | 1 Maelstrom | 1 Maelstrom Gpl | 2023-12-10 | 1.2 LOW | N/A |
| Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file. | |||||
| CVE-2000-0578 | 1 Sgi | 1 Mipspro Compilers | 2023-12-10 | 3.7 LOW | N/A |
| SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user. | |||||
| CVE-2004-0488 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
| CVE-2003-1085 | 1 Thomson | 2 Tcm Cable Modem, Tcw Cable Modem | 2023-12-10 | 5.0 MEDIUM | N/A |
| The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow. | |||||
| CVE-2002-0656 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | |||||
| CVE-2004-0313 | 1 Psoproxy | 1 Psoproxy Server | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name. | |||||
| CVE-2001-1542 | 1 Network Associates | 1 Webshield Smtp | 2023-12-10 | 7.5 HIGH | N/A |
| NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments. | |||||
| CVE-2001-0759 | 1 Jetico | 1 Bestcrypt | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount. | |||||
| CVE-2003-1299 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2023-12-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | |||||
| CVE-2000-0301 | 1 Ipswitch | 1 Imail | 2023-12-10 | 5.0 MEDIUM | N/A |
| Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. | |||||
| CVE-2004-2020 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x through 7.3 allow remote attackers to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) date parameter in the Statistics module, (3) year, month, and month_1 parameters in the Stories_Archive module, (4) mode, order, and thold parameters in the Surveys module, or (5) a SQL statement to index.php, as processed by mainfile.php. | |||||
| CVE-2000-0869 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
| The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | |||||
| CVE-2000-0037 | 1 Great Circle Associates | 1 Majordomo | 2023-12-10 | 4.6 MEDIUM | N/A |
| Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | |||||
| CVE-2004-2000 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php. | |||||
| CVE-2002-2088 | 1 Mosix Project | 1 Clump Os | 2023-12-10 | 10.0 HIGH | N/A |
| The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access. | |||||
| CVE-1999-0092 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. | |||||
| CVE-2002-1658 | 1 Apache | 1 Http Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. | |||||