Total
266742 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0063 | 1 Nortel | 1 Contivity | 2024-02-28 | 5.0 MEDIUM | N/A |
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | |||||
CVE-2004-0815 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | |||||
CVE-2002-0093 | 1 Compaq | 1 Tru64 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423. | |||||
CVE-2003-1379 | 1 Point Clark Networks | 1 Clarkconnect | 2024-02-28 | 5.0 MEDIUM | N/A |
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages. | |||||
CVE-2001-0994 | 1 Marconi | 1 Forethought | 2024-02-28 | 5.0 MEDIUM | N/A |
Marconi ForeThought 7.1 allows remote attackers to cause a denial of service by causing both telnet sessions to be locked via unusual input (e.g., from a port scanner), which prevents others from logging into the device. | |||||
CVE-2000-0380 | 1 Cisco | 1 Ios | 2024-02-28 | 7.1 HIGH | N/A |
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | |||||
CVE-2002-0590 | 1 Icredibb | 1 Icredibb | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts. | |||||
CVE-2004-0117 | 1 Microsoft | 6 Netmeeting, Windows 2000, Windows 2003 Server and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | |||||
CVE-2003-1302 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | |||||
CVE-2004-0456 | 3 Debian, Gentoo, Pavuk | 3 Debian Linux, Linux, Pavuk | 2024-02-28 | 7.6 HIGH | N/A |
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | |||||
CVE-2002-0650 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop. | |||||
CVE-2003-0317 | 1 Iisprotect | 1 Iisprotect | 2024-02-28 | 7.5 HIGH | N/A |
iisPROTECT 2.1 and 2.2 allows remote attackers to bypass authentication via an HTTP request containing URL-encoded characters. | |||||
CVE-2000-0014 | 1 Michael Lamont | 1 Savant Webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Savant web server via a null character in the requested URL. | |||||
CVE-2000-0123 | 1 Filemaker | 1 Filemaker | 2024-02-28 | 7.5 HIGH | N/A |
The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-1999-1502 | 1 Id Software | 1 Quake | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | |||||
CVE-2001-1551 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs. | |||||
CVE-2002-2045 | 1 Xqus | 1 X-stat | 2024-02-28 | 6.4 MEDIUM | N/A |
x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message. | |||||
CVE-1999-0660 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. It might be more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc. | |||||
CVE-2000-0480 | 1 Shadow Op Software | 1 Dragon Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Dragon telnet server allows remote attackers to cause a denial of service via a long username. | |||||
CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2024-02-28 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. |