Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2024-02-28 | 5.0 MEDIUM | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | |||||
| CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2024-02-28 | 2.1 LOW | N/A |
| An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||||
| CVE-2002-0450 | 1 Talentsoft | 1 Web\+ Server | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe. | |||||
| CVE-2004-0851 | 1 Ulrich Callmeier | 1 Net-acct | 2024-02-28 | 2.1 LOW | N/A |
| The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-1999-1166 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
| Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory. | |||||
| CVE-1999-0336 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in mstm in HP-UX allows local users to gain root access. | |||||
| CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | |||||
| CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | |||||
| CVE-2002-2125 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 6.4 MEDIUM | N/A |
| Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack. | |||||
| CVE-2000-0043 | 1 Camshot | 1 Webcam Http Server | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2002-0870 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2024-02-28 | 7.5 HIGH | N/A |
| The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | |||||
| CVE-2003-0776 | 1 Sane | 2 Sane, Sane-backend | 2024-02-28 | 7.5 HIGH | N/A |
| saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | |||||
| CVE-2002-0607 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-28 | 7.5 HIGH | N/A |
| members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL. | |||||
| CVE-2004-0474 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 5.1 MEDIUM | N/A |
| Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue. | |||||
| CVE-2004-1431 | 1 Joe Lumbroso | 1 Jacks Formmail.php | 2024-02-28 | 5.0 MEDIUM | N/A |
| FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in the ar_file (auto-reply) parameter. | |||||
| CVE-2004-2035 | 1 Minishare | 1 Minimal Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | |||||
| CVE-2001-0760 | 1 Citrix | 1 Nfuse | 2024-02-28 | 5.0 MEDIUM | N/A |
| Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field. | |||||
| CVE-2001-0434 | 1 Compaq | 1 Presario | 2024-02-28 | 6.4 MEDIUM | N/A |
| The LogDataListToFile ActiveX function used in (1) Knowledge Center and (2) Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service. | |||||
| CVE-2000-0554 | 1 Lilikoi | 1 Ceilidh | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_path hidden form field. | |||||
| CVE-2000-0597 | 1 Microsoft | 2 Excel, Powerpoint | 2024-02-28 | 7.5 HIGH | N/A |
| Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | |||||