Total
266772 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1528 | 1 Prosoft Engineering | 1 Netware Client | 2024-02-28 | 4.6 MEDIUM | N/A |
ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session. | |||||
CVE-2003-1371 | 1 Nuked-klan | 1 Nuked-klan | 2024-02-28 | 4.3 MEDIUM | N/A |
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. | |||||
CVE-2002-0822 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.5 HIGH | N/A |
Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump. | |||||
CVE-2000-0448 | 1 Network Associates | 1 Webshield | 2024-02-28 | 5.0 MEDIUM | N/A |
The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. | |||||
CVE-2004-0383 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | N/A |
Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." | |||||
CVE-1999-0279 | 1 Excite | 1 Ews | 2024-02-28 | 7.5 HIGH | N/A |
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters. | |||||
CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2024-02-28 | 2.1 LOW | N/A |
The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
CVE-2002-2128 | 1 W-agora | 1 W-agora | 2024-02-28 | 4.6 MEDIUM | N/A |
editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter. | |||||
CVE-2001-0730 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header. | |||||
CVE-2004-1495 | 1 Rarlab | 1 Winrar | 2024-02-28 | 2.6 LOW | N/A |
The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive. | |||||
CVE-2001-1528 | 1 Amtote | 1 Homebet | 2024-02-28 | 5.0 MEDIUM | N/A |
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack. | |||||
CVE-1999-0381 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | |||||
CVE-2003-0222 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2024-02-28 | 9.0 HIGH | N/A |
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. | |||||
CVE-2004-1000 | 1 Debian | 1 Lintian | 2024-02-28 | 2.1 LOW | N/A |
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack. | |||||
CVE-2002-0359 | 1 Sgi | 1 Irix | 2024-02-28 | 10.0 HIGH | N/A |
xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. | |||||
CVE-1999-0105 | 2024-02-28 | 2.1 LOW | N/A | ||
finger allows recursive searches by using a long string of @ symbols. | |||||
CVE-2002-1932 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection. | |||||
CVE-2001-1255 | 2 Mysql, Oracle | 2 Winmysqladmin, Mysql | 2024-02-28 | 4.6 MEDIUM | N/A |
WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. | |||||
CVE-2002-2414 | 2 Opera Software, Squid | 2 Opera, Squid | 2024-02-28 | 4.3 MEDIUM | N/A |
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). | |||||
CVE-2002-1536 | 1 Hans Persson | 1 Molly | 2024-02-28 | 7.5 HIGH | N/A |
Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $server or $printer variables in hpled.pl. |