Vulnerabilities (CVE)

Total 240544 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0048 1 Andrew Tridgell 1 Rsync 2024-02-28 10.0 HIGH N/A
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
CVE-2002-1514 1 Borland Software 1 Interbase 2024-02-28 7.2 HIGH N/A
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
CVE-1999-0945 1 Microsoft 1 Exchange Server 2024-02-28 5.0 MEDIUM N/A
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
CVE-2001-1233 1 Novell 2 Groupwise Webaccess, Netware 2024-02-28 5.0 MEDIUM N/A
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
CVE-1999-1524 1 Flowpoint 1 Flowpoint Dsl Router 2024-02-28 5.0 MEDIUM N/A
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.
CVE-2001-1490 1 Mozilla 1 Mozilla 2024-02-28 5.0 MEDIUM N/A
Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
CVE-2003-0345 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2024-02-28 7.5 HIGH N/A
Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.
CVE-1999-1473 1 Microsoft 1 Internet Explorer 2024-02-28 5.0 MEDIUM N/A
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
CVE-2001-0367 1 Mirabilis 1 Icq 2024-02-28 5.0 MEDIUM N/A
Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.
CVE-2002-0785 1 Aol 1 Instant Messenger 2024-02-28 5.0 MEDIUM N/A
AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.
CVE-2003-0718 1 Microsoft 2 Internet Information Server, Internet Information Services 2024-02-28 5.0 MEDIUM N/A
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes.
CVE-2000-0271 1 Gnu 1 Emacs 2024-02-28 4.6 MEDIUM N/A
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
CVE-2004-1394 1 Sun 2 Solaris, Sunos 2024-02-28 4.6 MEDIUM N/A
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
CVE-2000-0010 1 Tony Greenwood 1 Webwho\+ 2024-02-28 10.0 HIGH N/A
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
CVE-1999-1189 1 Netscape 2 Communicator, Navigator 2024-02-28 7.5 HIGH N/A
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
CVE-2004-0811 1 Apache 1 Http Server 2024-02-28 7.5 HIGH N/A
Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
CVE-2001-0181 1 Caldera 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver 2024-02-28 10.0 HIGH N/A
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
CVE-2001-1118 1 Roxen 1 Roxen Webserver 2024-02-28 7.5 HIGH N/A
A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL.
CVE-2002-2361 1 Yahoo 1 Messenger 2024-02-28 5.8 MEDIUM N/A
The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing.
CVE-2002-0075 1 Microsoft 2 Internet Information Server, Internet Information Services 2024-02-28 7.5 HIGH N/A
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.