Total
29277 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0786 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool. | |||||
CVE-2004-1490 | 1 Opera | 1 Opera Browser | 2024-02-28 | 2.6 LOW | N/A |
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers. | |||||
CVE-2001-0146 | 1 Microsoft | 2 Exchange Server, Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. | |||||
CVE-2002-2317 | 1 Symantec | 1 Velociraptor | 2024-02-28 | 7.8 HIGH | N/A |
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | |||||
CVE-2004-0589 | 1 Cisco | 1 Ios | 2024-02-28 | 4.3 MEDIUM | N/A |
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. | |||||
CVE-2000-0888 | 2 Debian, Isc | 2 Debian Linux, Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | |||||
CVE-1999-1302 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
CVE-2001-1371 | 1 Oracle | 1 Application Server | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. | |||||
CVE-2003-0216 | 1 Cisco | 1 Catos | 2024-02-28 | 9.3 HIGH | N/A |
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. | |||||
CVE-2004-0751 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). | |||||
CVE-2002-2374 | 1 Sun | 1 Patchpro | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
CVE-2004-1368 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2024-02-28 | 7.8 HIGH | N/A |
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script. | |||||
CVE-1999-0228 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. | |||||
CVE-2003-1525 | 1 My Photo Gallery | 1 My Photo Gallery | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors. | |||||
CVE-1999-1589 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
CVE-2002-1637 | 1 Oracle | 1 Application Server | 2024-02-28 | 4.6 MEDIUM | N/A |
Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges. | |||||
CVE-2000-0524 | 1 Microsoft | 2 Exchange Server, Outlook | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | |||||
CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
CVE-2003-1561 | 1 Opera | 1 Opera | 2024-02-28 | 4.3 MEDIUM | N/A |
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
CVE-2003-1333 | 1 Intersystems | 1 Cache Database | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server. |