Total
29514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2432 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | |||||
| CVE-2002-2431 | 1 Goahead | 1 Goahead Webserver | 2024-11-20 | 7.5 HIGH | N/A |
| Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c. | |||||
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2024-11-20 | 10.0 HIGH | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
| CVE-2002-2317 | 1 Symantec | 1 Velociraptor | 2024-11-20 | 7.8 HIGH | N/A |
| Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | |||||
| CVE-2002-2264 | 1 Hp | 1 Secure Web Server For Tru64 | 2024-11-20 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be certain. | |||||
| CVE-2002-2262 | 1 Hp | 1 Hp-ux | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | |||||
| CVE-2002-1790 | 1 Microsoft | 3 Exchange Server, Internet Information Server, Internet Information Services | 2024-11-20 | 5.0 MEDIUM | N/A |
| The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. | |||||
| CVE-2002-1716 | 1 Microsoft | 1 Office | 2024-11-20 | 5.0 MEDIUM | N/A |
| The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | |||||
| CVE-2002-1637 | 1 Oracle | 1 Application Server | 2024-11-20 | 4.6 MEDIUM | N/A |
| Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges. | |||||
| CVE-2002-1275 | 1 Html2ps Project | 1 Html2ps | 2024-11-20 | 7.5 HIGH | N/A |
| Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input." | |||||
| CVE-2002-0839 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-11-20 | 7.2 HIGH | N/A |
| The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | |||||
| CVE-2002-0392 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-11-20 | 7.5 HIGH | N/A |
| Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | |||||
| CVE-2002-0367 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-11-20 | 7.2 HIGH | 7.8 HIGH |
| smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | |||||
| CVE-2001-1371 | 1 Oracle | 1 Application Server | 2024-11-20 | 7.5 HIGH | N/A |
| The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. | |||||
| CVE-2001-1319 | 1 Microsoft | 1 Exchange Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-0726 | 1 Microsoft | 1 Exchange Server | 2024-11-20 | 7.5 HIGH | N/A |
| Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message. | |||||
| CVE-2001-0146 | 1 Microsoft | 2 Exchange Server, Internet Information Services | 2024-11-20 | 5.0 MEDIUM | N/A |
| IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. | |||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-20 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | |||||
| CVE-2000-1241 | 1 Sips | 1 Sips | 2024-11-20 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | |||||
| CVE-2000-1006 | 1 Microsoft | 1 Exchange Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability. | |||||