Total
266765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0362 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711. | |||||
| CVE-2002-1080 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-28 | 7.5 HIGH | N/A |
| The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl. | |||||
| CVE-2002-2378 | 1 Nakata | 1 An Httpd | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page. | |||||
| CVE-1999-0814 | 1 Redhat | 1 Linux | 2024-02-28 | 10.0 HIGH | N/A |
| Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. | |||||
| CVE-2000-1086 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-28 | 4.6 MEDIUM | N/A |
| The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2001-0669 | 4 Cisco, Enterasys, Iss and 1 more | 6 Catalyst 6000 Intrusion Detection System Module, Secure Intrusion Detection System, Dragon and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
| Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL. | |||||
| CVE-2003-1300 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | |||||
| CVE-2004-2210 | 1 Express-web | 1 Express-web Content Management System | 2024-02-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. | |||||
| CVE-2004-0906 | 1 Mozilla | 2 Mozilla, Thunderbird | 2024-02-28 | 4.6 MEDIUM | N/A |
| The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code. | |||||
| CVE-2002-0160 | 1 Cisco | 1 Secure Access Control Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002. | |||||
| CVE-2002-0330 | 1 Openbb | 1 Openbb | 2024-02-28 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag. | |||||
| CVE-2000-0776 | 1 Mediahouse Software | 1 Statistics Server Livestats | 2024-02-28 | 7.5 HIGH | N/A |
| Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request. | |||||
| CVE-2000-0879 | 1 Plus Technologies | 1 Lpplus | 2024-02-28 | 2.1 LOW | N/A |
| LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services. | |||||
| CVE-2002-0264 | 1 Cooolsoft | 1 Powerftp | 2024-02-28 | 7.5 HIGH | N/A |
| PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges. | |||||
| CVE-2003-0746 | 1 Hp | 1 Openview | 2024-02-28 | 5.0 MEDIUM | N/A |
| Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such as the Blaster/MSblast/LovSAN worm. | |||||
| CVE-2004-0282 | 1 Crob | 1 Crob Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server. | |||||
| CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||||
| CVE-2000-1144 | 1 Recourse Technologies | 1 Mantrap | 2024-02-28 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment. | |||||
| CVE-2002-2196 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
| Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
| CVE-1999-0062 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | |||||