Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0055 | 2 Ibm, Sun | 3 Aix, Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflows in Sun libnsl allow root access. | |||||
CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | |||||
CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | |||||
CVE-2004-1861 | 1 Netsupport | 1 Netsupport School | 2024-02-28 | 4.6 MEDIUM | N/A |
Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords. | |||||
CVE-1999-0772 | 1 Compaq | 2 Insight Management Agent, Power Management | 2024-02-28 | 6.4 MEDIUM | N/A |
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. | |||||
CVE-2001-1457 | 1 Nobreak Technologies | 1 Crazywwwboard | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable. | |||||
CVE-2002-2032 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php. | |||||
CVE-2002-1099 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages. | |||||
CVE-2000-1011 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. | |||||
CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2024-02-28 | 10.0 HIGH | N/A |
Arbitrary command execution via IMAP buffer overflow in authenticate command. | |||||
CVE-1999-1109 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 5.0 MEDIUM | N/A |
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated. | |||||
CVE-2002-1353 | 1 Intranet-server | 1 Localweb2000 | 2024-02-28 | 5.0 MEDIUM | N/A |
LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst. | |||||
CVE-2001-0877 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system. | |||||
CVE-2004-0242 | 1 Qualiteam | 1 X-cart | 2024-02-28 | 5.0 MEDIUM | N/A |
X-Cart 3.4.3 allows remote attackers to gain sensitive information via a mode parameter with (1) phpinfo command or (2) perlinfo command. | |||||
CVE-2000-0228 | 1 Microsoft | 1 Windows Media Rights Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. | |||||
CVE-2002-0718 | 1 Microsoft | 1 Content Management Server | 2024-02-28 | 7.5 HIGH | N/A |
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function." | |||||
CVE-2004-2185 | 1 Mediawiki | 1 Mediawiki | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | |||||
CVE-2003-1198 | 1 Cherokee | 1 Cherokee Httpd | 2024-02-28 | 5.0 MEDIUM | N/A |
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. | |||||
CVE-2003-0396 | 1 Linux-atm | 1 Linux-atm | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument. | |||||
CVE-2004-1735 | 1 Sympa | 1 Sympa | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. |