Total
266682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1582 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | |||||
| CVE-2003-1299 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2024-02-28 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | |||||
| CVE-2003-1214 | 1 Visualshapers | 1 Ezcontents | 2024-02-28 | 7.5 HIGH | N/A |
| Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions. | |||||
| CVE-2004-1435 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). | |||||
| CVE-1999-0118 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| AIX infod allows local users to gain root access through an X display. | |||||
| CVE-2002-0945 | 1 Seanox | 1 Devwex | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in SeaNox Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-1493 | 1 Lycos | 1 Htmlgear Guestgear | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag. | |||||
| CVE-2002-0667 | 1 Pingtel | 1 Xpressa | 2024-02-28 | 10.0 HIGH | N/A |
| Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone. | |||||
| CVE-2000-0503 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 2.6 LOW | N/A |
| The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. | |||||
| CVE-2004-0523 | 4 Mit, Sgi, Sun and 1 more | 7 Kerberos, Kerberos 5, Propack and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | |||||
| CVE-2004-1560 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow. | |||||
| CVE-1999-0422 | 1 Netbsd | 1 Netbsd | 2024-02-28 | 4.6 MEDIUM | N/A |
| In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. | |||||
| CVE-2002-0521 | 1 Asp-nuke | 1 Asp-nuke | 2024-02-28 | 5.1 MEDIUM | N/A |
| Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. | |||||
| CVE-2003-1074 | 1 Sun | 1 Solaris | 2024-02-28 | 7.2 HIGH | N/A |
| Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. | |||||
| CVE-2003-1544 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 6.8 MEDIUM | N/A |
| Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded. | |||||
| CVE-2004-0046 | 1 Snapstream | 1 Snapstream Pvs | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character. | |||||
| CVE-2003-0903 | 1 Microsoft | 1 Data Access Components | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request. | |||||
| CVE-2002-0232 | 1 Mrtg | 1 Multi Router Traffic Grapher Cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi. | |||||
| CVE-1999-0114 | 1 Elm Development Group | 1 Elm | 2024-02-28 | 4.6 MEDIUM | N/A |
| Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack. | |||||
| CVE-2002-0719 | 1 Microsoft | 1 Content Management Server | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the function that services for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary commands via an MCMS resource request for image files or other files. | |||||