Total
29188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0751 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). | |||||
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
| CVE-2004-1368 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2024-02-28 | 7.8 HIGH | N/A |
| ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script. | |||||
| CVE-1999-0228 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. | |||||
| CVE-2003-1525 | 1 My Photo Gallery | 1 My Photo Gallery | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors. | |||||
| CVE-1999-1589 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
| CVE-2002-1637 | 1 Oracle | 1 Application Server | 2024-02-28 | 4.6 MEDIUM | N/A |
| Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges. | |||||
| CVE-2000-0524 | 1 Microsoft | 2 Exchange Server, Outlook | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | |||||
| CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
| CVE-2003-1561 | 1 Opera | 1 Opera | 2024-02-28 | 4.3 MEDIUM | N/A |
| Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
| CVE-2003-1333 | 1 Intersystems | 1 Cache Database | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server. | |||||
| CVE-2003-1361 | 2 Ibm, Veritas | 2 Tivoli Storage Manager, Bare Metal Restore | 2024-02-28 | 10.0 HIGH | N/A |
| Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server. | |||||
| CVE-2004-0809 | 8 Apache, Debian, Gentoo and 5 more | 12 Http Server, Debian Linux, Linux and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | |||||
| CVE-2003-1422 | 1 Gentoo | 1 Syslinux | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. | |||||
| CVE-2003-0242 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.5 HIGH | N/A |
| IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | |||||
| CVE-2000-1241 | 1 Sips | 1 Sips | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | |||||
| CVE-2004-0542 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
| PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function. | |||||
| CVE-2004-1810 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array. | |||||
| CVE-2002-1790 | 1 Microsoft | 3 Exchange Server, Internet Information Server, Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
| The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. | |||||
| CVE-1999-1043 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | |||||