Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0122 | 1 Ibm | 2 Http Server, Websphere Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error. | |||||
CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
CVE-2002-1703 | 1 Mewsoft | 1 Netauction | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter. | |||||
CVE-2002-0511 | 1 Nscd | 1 Nscd | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host names. | |||||
CVE-2004-0298 | 1 Aclogic | 1 Cesarftp | 2024-02-28 | 5.0 MEDIUM | N/A |
CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RETR parameter. | |||||
CVE-2000-0761 | 1 Ibm | 1 Os2 Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username. | |||||
CVE-2003-1297 | 1 Efs Software | 1 Efs Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | |||||
CVE-2002-1015 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2024-02-28 | 7.5 HIGH | N/A |
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers. | |||||
CVE-2003-0214 | 1 Debian | 1 Mime-support | 2024-02-28 | 4.6 MEDIUM | N/A |
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2001-0890 | 1 Sane | 1 Sane | 2024-02-28 | 2.1 LOW | N/A |
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files. | |||||
CVE-2004-2015 | 1 Webct | 1 Webct | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags. | |||||
CVE-2000-1155 | 1 Joe Kloss | 1 Robinhood | 2024-02-28 | 5.0 MEDIUM | N/A |
RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | |||||
CVE-2000-0931 | 1 David Harris | 1 Pegasus Mail | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data. | |||||
CVE-2003-0634 | 1 Oracle | 2 Oracle8i, Oracle9i | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. | |||||
CVE-1999-0173 | 1 Matt Wright | 1 Formmail | 2024-02-28 | 5.0 MEDIUM | N/A |
FormMail CGI program can be used by web servers other than the host server that the program resides on. | |||||
CVE-1999-0377 | 1 Unix | 1 Unix | 2024-02-28 | 5.0 MEDIUM | N/A |
Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services. | |||||
CVE-2001-0221 | 1 Freebsd | 1 Ja-xklock | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. | |||||
CVE-2002-1976 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap. | |||||
CVE-2002-0458 | 1 Linux-sottises | 1 News-tnk | 2024-02-28 | 7.6 HIGH | N/A |
Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. |