Total
250745 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1378 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 2.1 LOW | N/A |
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | |||||
CVE-2004-2187 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors. | |||||
CVE-2002-2202 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 3.8 LOW | N/A |
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email. | |||||
CVE-2001-0553 | 1 Ssh | 1 Secure Shell | 2023-12-10 | 7.2 HIGH | N/A |
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field. | |||||
CVE-2000-1143 | 1 Recourse Technologies | 1 Mantrap | 2023-12-10 | 2.1 LOW | N/A |
Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system. | |||||
CVE-2000-0106 | 1 Easycart | 1 Easycart | 2023-12-10 | 7.5 HIGH | N/A |
The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2002-1007 | 1 Blackboard | 1 Blackboard | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi. | |||||
CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2023-12-10 | 7.5 HIGH | N/A |
A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | |||||
CVE-2001-0076 | 1 Ikonboard.com | 1 Ikonboard | 2023-12-10 | 10.0 HIGH | N/A |
register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed. | |||||
CVE-2004-0938 | 1 Freeradius | 1 Freeradius | 2023-12-10 | 5.0 MEDIUM | N/A |
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | |||||
CVE-2000-0348 | 1 Sco | 1 Unixware | 2023-12-10 | 10.0 HIGH | N/A |
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges. | |||||
CVE-1999-0305 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. | |||||
CVE-1999-1155 | 1 Lakeweb | 1 Mail List Cgi Script | 2023-12-10 | 7.5 HIGH | N/A |
LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
CVE-1999-1502 | 1 Id Software | 1 Quake | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | |||||
CVE-2002-1928 | 1 Software602 | 1 602pro Lan Suite | 2023-12-10 | 5.0 MEDIUM | N/A |
602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension. | |||||
CVE-2000-0347 | 1 Microsoft | 2 Windows 95, Windows 98 | 2023-12-10 | 5.0 MEDIUM | N/A |
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | |||||
CVE-2000-0528 | 1 Network Associates | 1 Net Tools Pki Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Net Tools PKI Server does not properly restrict access to remote attackers when the XUDA template files do not contain absolute pathnames for other files. | |||||
CVE-2004-1579 | 1 Devellion | 1 Cubecart | 2023-12-10 | 5.0 MEDIUM | N/A |
index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message. | |||||
CVE-2004-0537 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces. | |||||
CVE-2000-0081 | 1 Microsoft | 1 Hotmail | 2023-12-10 | 10.0 HIGH | N/A |
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript. |