Total
266239 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1712 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. | |||||
| CVE-2002-1735 | 1 Davin Mccall | 1 Dlogin | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-0007 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 10.0 HIGH | N/A |
| CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server. | |||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2024-02-28 | 7.2 HIGH | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | |||||
| CVE-1999-1074 | 1 Webmin | 1 Webmin | 2024-02-28 | 7.5 HIGH | N/A |
| Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | |||||
| CVE-2004-0519 | 2 Sgi, Squirrelmail | 2 Propack, Squirrelmail | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. | |||||
| CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | |||||
| CVE-2002-1245 | 1 Frank Mcingvale | 1 Luxman | 2024-02-28 | 7.2 HIGH | N/A |
| Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program. | |||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2024-02-28 | 7.5 HIGH | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
| CVE-2004-0746 | 4 Gentoo, Kde, Mandrakesoft and 1 more | 5 Linux, Kde, Konqueror and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
| Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
| CVE-2002-0445 | 1 Php Firstpost | 1 Php Firstpost | 2024-02-28 | 5.0 MEDIUM | N/A |
| article.php in PHP FirstPost 0.1 allows allows remote attackers to obtain the full pathname of the server via an invalid post number in the post parameter, which leaks the pathname in an error message. | |||||
| CVE-2002-1675 | 1 Unreal | 1 Unrealircd | 2024-02-28 | 6.4 MEDIUM | N/A |
| Format string vulnerability in the Cio_PrintF function of cio_main.c in Unreal IRCd 3.1.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers. | |||||
| CVE-2003-0520 | 1 Cerulean Studios | 1 Trillian | 2024-02-28 | 5.0 MEDIUM | N/A |
| Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. | |||||
| CVE-2003-0973 | 1 Apache | 1 Mod Python | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string. | |||||
| CVE-1999-1249 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-2004-1414 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
| Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images. | |||||
| CVE-1999-0208 | 3 Ibm, Nec, Sgi | 5 Aix, Asl Ux 4800, Ews-ux V and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||||
| CVE-2004-0928 | 2 Hitachi, Macromedia | 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm". | |||||
| CVE-2004-0323 | 1 Xmb Forum | 1 Xmb | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta. | |||||
| CVE-2001-1003 | 1 Webct | 1 Respondus | 2024-02-28 | 4.6 MEDIUM | N/A |
| Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges. | |||||