Total
251332 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0091 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. | |||||
| CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. | |||||
| CVE-2003-1297 | 1 Efs Software | 1 Efs Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | |||||
| CVE-2001-0419 | 1 Oracle | 1 Application Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. | |||||
| CVE-2000-1229 | 1 Phorum | 1 Phorum | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3. | |||||
| CVE-2004-1489 | 1 Opera | 1 Opera Browser | 2023-12-10 | 2.6 LOW | N/A |
| Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory. | |||||
| CVE-2002-1992 | 1 Macromedia | 2 Coldfusion, Coldfusion Professional | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | |||||
| CVE-2002-0068 | 2 Redhat, Squid | 2 Linux, Squid | 2023-12-10 | 7.5 HIGH | N/A |
| Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | |||||
| CVE-2004-1470 | 1 Snipsnap | 1 Snipsnap | 2023-12-10 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. | |||||
| CVE-2001-0073 | 1 Nsa | 1 Security-enhanced Linux | 2023-12-10 | 2.1 LOW | N/A |
| Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory. | |||||
| CVE-2004-1614 | 1 Mozilla | 1 Mozilla | 2023-12-10 | 5.0 MEDIUM | N/A |
| Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme. | |||||
| CVE-1999-1204 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 7.5 HIGH | N/A |
| Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator. | |||||
| CVE-2004-0716 | 1 Hp | 1 Hp-ux | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data. | |||||
| CVE-2002-2244 | 1 Akfingerd | 1 Akfingerd | 2023-12-10 | 2.1 LOW | N/A |
| Akfingerd 0.5 and earlier versions allow local users to cause a denial of service (crash) via a .plan with a symlink to /dev/urandom or other device, then disconnecting while data is being transferred, which causes a SIGPIPE error that Akfingerd cannot handle. | |||||
| CVE-2004-0154 | 1 Nfs | 1 Nfs-utils | 2023-12-10 | 5.0 MEDIUM | N/A |
| rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name. | |||||
| CVE-2002-0437 | 1 Stefan Frings | 1 Sms Server Tools | 2023-12-10 | 10.0 HIGH | N/A |
| Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources. | |||||
| CVE-2004-0357 | 1 Seattle Lab Software | 1 Slmail Pro | 2023-12-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll. | |||||
| CVE-2001-1543 | 1 Axis | 5 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
| Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera. | |||||
| CVE-2000-0682 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. | |||||
| CVE-2003-1305 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page. | |||||