Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0609 | 1 Mercantec | 1 Softcart | 2024-02-28 | 5.0 MEDIUM | N/A |
An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information. | |||||
CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
CVE-2001-0751 | 1 Cisco | 1 Cbos | 2024-02-28 | 7.5 HIGH | N/A |
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | |||||
CVE-2004-0088 | 1 Apple | 1 Mac Os X | 2024-02-28 | 2.1 LOW | N/A |
The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. | |||||
CVE-2001-0551 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. | |||||
CVE-2000-0911 | 1 Horde | 1 Imp | 2024-02-28 | 5.0 MEDIUM | N/A |
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment. | |||||
CVE-2001-1228 | 1 Gnu | 1 Gzip | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | |||||
CVE-2002-1394 | 1 Apache | 1 Tomcat | 2024-02-28 | 7.5 HIGH | N/A |
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | |||||
CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2024-02-28 | 7.5 HIGH | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | |||||
CVE-2001-0267 | 1 Hp | 1 Mpe Ix | 2024-02-28 | 7.2 HIGH | N/A |
NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. | |||||
CVE-1999-0153 | 2 Microsoft, Sco | 4 Windows 2000, Windows 95, Windows Nt and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |||||
CVE-1999-0639 | 2024-02-28 | N/A | N/A | ||
The chargen service is running. | |||||
CVE-2001-0175 | 1 Netscape | 1 Fasttrack Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. | |||||
CVE-2004-0938 | 1 Freeradius | 1 Freeradius | 2024-02-28 | 5.0 MEDIUM | N/A |
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | |||||
CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco Cache Engine allows an attacker to replace content in the cache. | |||||
CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2024-02-28 | 7.5 HIGH | N/A |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
CVE-2002-1382 | 1 Macromedia | 1 Flash Player | 2024-02-28 | 7.5 HIGH | N/A |
Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846. | |||||
CVE-2001-1086 | 1 Xfree86 Project | 1 X11r6 | 2024-02-28 | 7.5 HIGH | N/A |
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. | |||||
CVE-2002-0078 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | |||||
CVE-2002-0942 | 1 Lumigent | 1 Log Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach. |