Total: 266700 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1356 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.5 HIGH | N/A |
Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. | |||||
CVE-2002-1369 | 2 Apple, Easy Software Products | 2 Mac OS X, CUPS | 2024-02-28 | 10.0 HIGH | N/A |
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-1999-0448 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | |||||
CVE-2001-0472 | 1 IBM | 1 High Availability Cluster Multiprocessing | 2024-02-28 | 5.0 MEDIUM | N/A |
Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request. | |||||
CVE-1999-0820 | 1 FreeBSD | 1 FreeBSD | 2024-02-28 | 4.6 MEDIUM | N/A |
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands. | |||||
CVE-2003-1492 | 2 Mozilla, Netscape | 2 Firefox, Navigator | 2024-02-28 | 5.0 MEDIUM | N/A |
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. | |||||
CVE-2000-0499 | 1 BEA | 1 WebLogic Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
CVE-1999-1388 | 1 Sun | 1 SunOS | 2024-02-28 | 6.2 MEDIUM | N/A |
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument. | |||||
CVE-2004-1484 | 1 Socat | 1 Socat | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message. | |||||
CVE-2001-1026 | 1 Trend Micro | 1 InterScan AppletTrap | 2024-02-28 | 7.5 HIGH | N/A |
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address. | |||||
CVE-2001-1453 | 1 Oracle | 1 MySQL | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. | |||||
CVE-2002-2070 | 1 AccessData | 1 SecureClean | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | |||||
CVE-2002-0567 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2024-02-28 | 7.5 HIGH | N/A |
Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. | |||||
CVE-2003-0002 | 1 Microsoft | 1 Content Management Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. | |||||
CVE-2002-0216 | 1 XOOPS | 1 XOOPS | 2024-02-28 | 5.0 MEDIUM | N/A |
userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter. | |||||
CVE-2002-1201 | 1 IBM | 1 AIX | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers. | |||||
CVE-1999-0519 | 1 Microsoft | 4 Outlook, Windows 2000, Windows 95 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
A NETBIOS/SMB share password is the default, null, or missing. | |||||
CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 7.1 HIGH | N/A |
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | |||||
CVE-1999-0373 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. | |||||
CVE-2003-0080 | 1 Gnome | 1 Gnome-lokkit | 2024-02-28 | 7.5 HIGH | N/A |
The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled. |