Total
266895 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0645 | 2 Abisource, Wvware | 2 Community Abiword, Wvware | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field. | |||||
CVE-1999-0282 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2001-0627 | 1 Sco | 1 Openserver | 2024-02-28 | 3.7 LOW | N/A |
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. | |||||
CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | |||||
CVE-2004-1417 | 1 Psychostats | 1 Psychostats | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter. | |||||
CVE-2001-1501 | 1 Proftpd Project | 1 Proftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument. | |||||
CVE-2003-0235 | 1 Mirabilis | 1 Icq | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. | |||||
CVE-2002-1840 | 1 Irssi | 1 Irssi | 2024-02-28 | 10.0 HIGH | N/A |
irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | |||||
CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.5 HIGH | N/A |
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | |||||
CVE-2004-1325 | 1 Microsoft | 1 Windows Media Player | 2024-02-28 | 5.0 MEDIUM | N/A |
The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system. | |||||
CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | |||||
CVE-2000-0882 | 1 Intel | 4 Express 510t, Express 520t, Express 550f and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash. | |||||
CVE-2001-1499 | 1 Checkpoint | 1 Vpn-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks. | |||||
CVE-2004-2176 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 4.6 MEDIUM | N/A |
The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls. | |||||
CVE-2000-0097 | 1 Microsoft | 1 Index Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability. | |||||
CVE-2002-0616 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 5.1 MEDIUM | N/A |
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." | |||||
CVE-2004-0613 | 1 Osticket | 1 Osticket Sts | 2024-02-28 | 7.5 HIGH | N/A |
osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory. | |||||
CVE-1999-1512 | 1 Amavis | 1 Virus Scanner | 2024-02-28 | 10.0 HIGH | N/A |
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field. | |||||
CVE-2002-2333 | 1 Kde | 1 Kde | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
CVE-2002-2120 | 1 Qnx | 1 Rtos | 2024-02-28 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2) int10. |