Total
266841 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0749 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2024-02-28 | 7.5 HIGH | N/A |
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. | |||||
CVE-1999-1250 | 1 Blue World Communications | 1 Lasso Cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. | |||||
CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. | |||||
CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||
CVE-2004-0371 | 1 Kth | 1 Heimdal | 2024-02-28 | 5.0 MEDIUM | N/A |
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path. | |||||
CVE-2003-1434 | 1 Pete Werner | 1 Login Ldap | 2024-02-28 | 6.8 MEDIUM | N/A |
login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password. | |||||
CVE-2000-0287 | 1 Cnc | 1 Technology Bizdb | 2024-02-28 | 10.0 HIGH | N/A |
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter. | |||||
CVE-2002-1923 | 1 Oracle | 1 Mysql | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection. | |||||
CVE-1999-0175 | 1 Novell | 1 Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. | |||||
CVE-2000-1179 | 1 Netopia | 1 650-st Isdn Router | 2024-02-28 | 5.0 MEDIUM | N/A |
Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters. | |||||
CVE-1999-0227 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. | |||||
CVE-2001-0057 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | |||||
CVE-2000-0848 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header. | |||||
CVE-1999-0348 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. | |||||
CVE-2004-1893 | 1 Macromedia | 2 Dreamweaver, Dreamweaver Ultradev | 2024-02-28 | 5.0 MEDIUM | N/A |
Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a direct request to mmhttpdb.asp. | |||||
CVE-2002-0728 | 1 Greg Roelofs | 1 Libpng | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | |||||
CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | |||||
CVE-2000-0439 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 2.6 LOW | N/A |
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. | |||||
CVE-2000-0131 | 1 Jgaa | 1 Warftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. | |||||
CVE-1999-0239 | 1 Netscape | 1 Fasttrack Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET. |