Total
266696 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1970 | 1 Securecomputing | 1 Smartether Ss6215s Switch | 2024-02-28 | 7.5 HIGH | N/A |
| Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message. | |||||
| CVE-2004-2144 | 1 Baalsystems | 1 Baal Smart Forms | 2024-02-28 | 7.5 HIGH | N/A |
| Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php. | |||||
| CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 4.6 MEDIUM | N/A |
| IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. | |||||
| CVE-2004-1465 | 1 Winzip | 1 Winzip | 2024-02-28 | 3.7 LOW | N/A |
| Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line. | |||||
| CVE-2004-0843 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | |||||
| CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2024-02-28 | 10.0 HIGH | N/A |
| Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
| CVE-2002-2164 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. | |||||
| CVE-1999-0975 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
| The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | |||||
| CVE-2002-0332 | 1 Xtell | 1 Xtell | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | |||||
| CVE-2004-1869 | 1 Nival Interactive | 2 Etherlords, Etherlords Ii | 2024-02-28 | 5.0 MEDIUM | N/A |
| Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a denial of service (crash) by sending a packet that specifies the size for the next packet, then sending a larger packet than specified, which causes Etherlords to read unallocated memory. | |||||
| CVE-2002-1189 | 1 Cisco | 1 Unity Server | 2024-02-28 | 4.6 MEDIUM | N/A |
| The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding. | |||||
| CVE-2001-0929 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
| Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | |||||
| CVE-2000-1225 | 1 Imatix | 1 Xitami | 2024-02-28 | 5.0 MEDIUM | N/A |
| Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program. | |||||
| CVE-2001-0377 | 1 Infradig | 1 Inframail | 2024-02-28 | 5.0 MEDIUM | N/A |
| Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string. | |||||
| CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 4.6 MEDIUM | N/A |
| Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||
| CVE-2003-0937 | 1 Sco | 2 Open Unix, Unixware | 2024-02-28 | 4.6 MEDIUM | N/A |
| SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. | |||||
| CVE-2003-1138 | 1 Redhat | 1 Interchange | 2024-02-28 | 5.0 MEDIUM | N/A |
| The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//). | |||||
| CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2024-02-28 | 5.0 MEDIUM | N/A |
| Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | |||||
| CVE-2002-0172 | 1 Sgi | 1 Irix | 2024-02-28 | 2.1 LOW | N/A |
| /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | |||||
| CVE-2001-1449 | 2 Apache, Mandrakesoft | 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | |||||