Total
266696 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1581 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded. | |||||
CVE-2001-0597 | 1 Zetetic Enterprises | 1 Strip | 2024-02-28 | 7.2 HIGH | N/A |
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'. | |||||
CVE-2004-1728 | 1 British National Corpus | 1 Sara | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | |||||
CVE-2002-0554 | 1 Ibm | 1 Informix Web Datablade | 2024-02-28 | 7.5 HIGH | N/A |
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request. | |||||
CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2024-02-28 | 7.5 HIGH | N/A |
get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | |||||
CVE-2000-1079 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | |||||
CVE-2000-0470 | 1 Allegro | 1 Rom Pager | 2024-02-28 | 7.5 HIGH | N/A |
Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request. | |||||
CVE-2001-1116 | 1 Identix | 1 Biologon | 2024-02-28 | 4.6 MEDIUM | N/A |
Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display. | |||||
CVE-2001-0909 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. | |||||
CVE-2001-0647 | 1 Orange Software | 1 Orange Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. | |||||
CVE-2001-1230 | 1 Icecast | 1 Icecast | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | |||||
CVE-2001-1315 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2024-02-28 | 7.5 HIGH | N/A |
Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2004-0526 | 1 Microsoft | 4 Ie, Internet Explorer, Outlook and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
CVE-1999-0418 | 2024-02-28 | 6.4 MEDIUM | N/A | ||
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection. | |||||
CVE-2003-0793 | 1 Gnome | 1 Gdm | 2024-02-28 | 2.1 LOW | N/A |
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption). | |||||
CVE-2002-0937 | 1 Macromedia | 1 Jrun | 2024-02-28 | 5.0 MEDIUM | N/A |
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | |||||
CVE-2001-0785 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2002-0169 | 1 Redhat | 2 Docbook Stylesheets, Docbook Utils | 2024-02-28 | 4.6 MEDIUM | N/A |
The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier. | |||||
CVE-2000-0105 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 5.0 MEDIUM | N/A |
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | |||||
CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. |