Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2024-02-28 | 5.0 MEDIUM | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
| CVE-2004-0380 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 10.0 HIGH | N/A |
| The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | |||||
| CVE-1999-1335 | 1 Redhat | 1 Linux | 2024-02-28 | 6.4 MEDIUM | N/A |
| snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. | |||||
| CVE-2001-0715 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 2.1 LOW | N/A |
| Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode. | |||||
| CVE-2003-0428 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string. | |||||
| CVE-1999-0887 | 1 Floosietek | 1 Ftgate | 2024-02-28 | 5.0 MEDIUM | N/A |
| FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack. | |||||
| CVE-2000-0843 | 2 Dave Airlie, Luke Kenneth Casson Leighton | 2 Pam Smb, Pam Ntdom | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name. | |||||
| CVE-2004-2254 | 1 Netwin | 1 Surgeldap | 2024-02-28 | 7.5 HIGH | N/A |
| SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. | |||||
| CVE-2004-2025 | 1 Zen Cart | 1 Zen Cart | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. | |||||
| CVE-2001-0702 | 1 Grant Averett | 1 Ceberus Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
| Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command. | |||||
| CVE-1999-1571 | 1 Sco | 1 Openserver | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. | |||||
| CVE-1999-1434 | 1 Slackware | 1 Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
| login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server. | |||||
| CVE-2003-1027 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 10.0 HIGH | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." | |||||
| CVE-2004-0687 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
| CVE-1999-0548 | 2024-02-28 | 10.0 HIGH | N/A | ||
| A superfluous NFS server is running, but it is not importing or exporting any file systems. | |||||
| CVE-2000-0628 | 1 Joshua Chamas | 1 Apache Asp | 2024-02-28 | 7.5 HIGH | N/A |
| The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files. | |||||
| CVE-2002-0279 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges. | |||||
| CVE-1999-1478 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. | |||||
| CVE-2003-0340 | 1 Demarc Security | 1 Puresecure | 2024-02-28 | 7.5 HIGH | N/A |
| Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. | |||||
| CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||