Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 29323 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-2083 1 Opera 1 Opera Browser 2024-02-28 2.6 LOW N/A
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
CVE-1999-0289 2 Apache, Microsoft 2 Http Server, Windows 2024-02-28 5.0 MEDIUM N/A
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
CVE-2004-0537 1 Opera 1 Opera Browser 2024-02-28 5.0 MEDIUM N/A
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.
CVE-1999-0682 1 Microsoft 1 Exchange Server 2024-02-28 5.0 MEDIUM N/A
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.
CVE-2003-0374 1 Nessus 1 Nessus 2024-02-28 10.0 HIGH N/A
Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."
CVE-2001-0726 1 Microsoft 1 Exchange Server 2024-02-28 7.5 HIGH N/A
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
CVE-2004-0786 1 Apache 1 Http Server 2024-02-28 5.0 MEDIUM N/A
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
CVE-2004-1490 1 Opera 1 Opera Browser 2024-02-28 2.6 LOW N/A
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
CVE-2001-0146 1 Microsoft 2 Exchange Server, Internet Information Services 2024-02-28 5.0 MEDIUM N/A
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's.
CVE-2002-2317 1 Symantec 1 Velociraptor 2024-02-28 7.8 HIGH N/A
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
CVE-2004-0589 1 Cisco 1 Ios 2024-02-28 4.3 MEDIUM N/A
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
CVE-2000-0888 2 Debian, Isc 2 Debian Linux, Bind 2024-02-28 5.0 MEDIUM N/A
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
CVE-1999-1302 1 Sco 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more 2024-02-28 7.2 HIGH N/A
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVE-2001-1371 1 Oracle 1 Application Server 2024-02-28 7.5 HIGH N/A
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
CVE-2003-0216 1 Cisco 1 Catos 2024-02-28 9.3 HIGH N/A
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.
CVE-2004-0751 1 Apache 1 Http Server 2024-02-28 5.0 MEDIUM N/A
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
CVE-2002-2374 1 Sun 1 Patchpro 2024-02-28 10.0 HIGH N/A
Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."
CVE-2004-1368 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2024-02-28 7.8 HIGH N/A
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
CVE-1999-0228 1 Microsoft 1 Windows Nt 2024-02-28 5.0 MEDIUM N/A
Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.
CVE-2003-1525 1 My Photo Gallery 1 My Photo Gallery 2024-02-28 10.0 HIGH N/A
Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors.