Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
| Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||
| CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2024-02-28 | 2.1 LOW | N/A |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | |||||
| CVE-2001-1154 | 2 Bsdi, Carnegie Mellon University | 2 Bsd Os, Cyrus Imap Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients. | |||||
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
| CVE-2002-0491 | 1 Alguest | 1 Alguest | 2024-02-28 | 10.0 HIGH | N/A |
| admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value. | |||||
| CVE-2004-1614 | 1 Mozilla | 1 Mozilla | 2024-02-28 | 5.0 MEDIUM | N/A |
| Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme. | |||||
| CVE-2001-0816 | 1 Openbsd | 1 Openssh | 2024-02-28 | 7.5 HIGH | N/A |
| OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. | |||||
| CVE-2000-0774 | 1 Bajie | 1 Java Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root. | |||||
| CVE-2002-1804 | 1 Npds | 1 Npds | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | |||||
| CVE-2002-1567 | 1 Apache | 1 Tomcat | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script. | |||||
| CVE-2000-0162 | 1 Microsoft | 3 Ie, Internet Explorer, Visual Studio | 2024-02-28 | 5.1 MEDIUM | N/A |
| The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | |||||
| CVE-1999-0953 | 1 Matt Wright | 1 Wwwboard | 2024-02-28 | 10.0 HIGH | N/A |
| WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. | |||||
| CVE-2001-0083 | 1 Microsoft | 1 Windows Media Services | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 does not properly shut down some types of connections, producing a memory leak that allows remote attackers to cause a denial of service via a series of severed connections, aka the "Severed Windows Media Server Connection" vulnerability. | |||||
| CVE-2003-0577 | 1 Mpg123 | 1 Mpg123 | 2024-02-28 | 7.5 HIGH | N/A |
| mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. | |||||
| CVE-2002-1929 | 1 Php Arena | 1 Pafiledb | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions. | |||||
| CVE-1999-1503 | 1 Nfr | 1 Nfr | 2024-02-28 | 5.0 MEDIUM | N/A |
| Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. | |||||
| CVE-1999-0165 | 3 Bsdi, Linux, Sun | 5 Bsd Os, Linux Kernel, Nfs and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
| NFS cache poisoning. | |||||
| CVE-1999-1326 | 1 Washington University | 1 Wu-ftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | |||||
| CVE-2003-0774 | 1 Sane | 2 Sane, Sane-backend | 2024-02-28 | 7.5 HIGH | N/A |
| saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. | |||||