Total
266887 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-1999-1415 | 1 Digital | 1 Ultrix | 2024-02-28 | 4.6 MEDIUM | N/A |
| Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. | |||||
| CVE-2001-0483 | 1 Symantec | 1 Raptor Firewall | 2024-02-28 | 7.5 HIGH | N/A |
| Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set. | |||||
| CVE-2002-0902 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script. | |||||
| CVE-2003-1319 | 1 Smartftp | 1 Smartftp | 2024-02-28 | 7.6 HIGH | N/A |
| Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow. | |||||
| CVE-2004-0288 | 1 Mnogosearch | 1 Mnogosearch | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document. | |||||
| CVE-2004-0175 | 1 Openbsd | 1 Openssh | 2024-02-28 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. | |||||
| CVE-1999-1243 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
| SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges. | |||||
| CVE-2004-2023 | 1 Zen Cart | 1 Zen Cart | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters. | |||||
| CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-02-28 | 2.6 LOW | N/A |
| A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | |||||
| CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | |||||
| CVE-2002-0218 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument. | |||||
| CVE-1999-1343 | 1 Xerox | 1 Docucolor 4lp | 2024-02-28 | 5.0 MEDIUM | N/A |
| HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters. | |||||
| CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
| Solaris ff.core allows local users to modify files. | |||||
| CVE-2000-0771 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 2.1 LOW | N/A |
| Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | |||||
| CVE-2004-0979 | 1 Microsoft | 3 Ie, Internet Explorer, Windows Xp | 2024-02-28 | 4.6 MEDIUM | N/A |
| Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration. | |||||
| CVE-2002-2247 | 1 Mambo | 1 Mambo Site Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function. | |||||
| CVE-2004-1628 | 1 Pizzashack | 1 Rssh | 2024-02-28 | 9.0 HIGH | N/A |
| Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code. | |||||
| CVE-2004-0499 | 2024-02-28 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | |||||