Total
29277 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0235 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
CVE-2006-0286 | 1 Oracle | 2 Application Server, Database Server | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS01. | |||||
CVE-2005-4585 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
CVE-2000-1006 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability. | |||||
CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | |||||
CVE-2002-1275 | 1 Html2ps Project | 1 Html2ps | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input." | |||||
CVE-1999-0144 | 1 Qmail Project | 1 Qmail | 2024-02-28 | 2.1 LOW | N/A |
Denial of service in Qmail by specifying a large number of recipients with the RCPT command. | |||||
CVE-2004-1615 | 1 Opera | 1 Opera Browser | 2024-02-28 | 2.6 LOW | N/A |
Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme. | |||||
CVE-2000-0672 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory. | |||||
CVE-2003-1551 | 1 Novell | 1 Groupwise | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script." | |||||
CVE-2002-2264 | 1 Hp | 1 Secure Web Server For Tru64 | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be certain. | |||||
CVE-2002-2262 | 1 Hp | 1 Hp-ux | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. | |||||
CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2024-02-28 | 5.0 MEDIUM | N/A |
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | |||||
CVE-2003-1493 | 1 Hp | 1 Openview Network Node Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets. | |||||
CVE-2004-2083 | 1 Opera | 1 Opera Browser | 2024-02-28 | 2.6 LOW | N/A |
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing." | |||||
CVE-1999-0289 | 2 Apache, Microsoft | 2 Http Server, Windows | 2024-02-28 | 5.0 MEDIUM | N/A |
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. | |||||
CVE-2004-0537 | 1 Opera | 1 Opera Browser | 2024-02-28 | 5.0 MEDIUM | N/A |
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces. | |||||
CVE-1999-0682 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled. | |||||
CVE-2003-0374 | 1 Nessus | 1 Nessus | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus." | |||||
CVE-2001-0726 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 7.5 HIGH | N/A |
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message. |