Total
266239 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0988 | 1 Bardon Data Systems | 1 Winu | 2024-02-28 | 7.2 HIGH | N/A |
WinU 1.0 through 5.1 has a backdoor password that allows remote attackers to gain access to its administrative interface and modify configuration. | |||||
CVE-2002-1689 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | |||||
CVE-2002-0630 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | |||||
CVE-2001-1157 | 1 Baltimore Technologies | 1 Websweeper | 2024-02-28 | 7.5 HIGH | N/A |
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode. | |||||
CVE-2003-1266 | 1 Etype | 1 Eserv | 2024-02-28 | 5.0 MEDIUM | N/A |
The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | |||||
CVE-2004-1763 | 1 Haht Commerce | 1 Hahtsite Scenario Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name. | |||||
CVE-2002-1764 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 2.1 LOW | N/A |
acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2003-0413 | 1 Sun | 1 One Application Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message. | |||||
CVE-1999-0255 | 2024-02-28 | 10.0 HIGH | N/A | ||
Buffer overflow in ircd allows arbitrary command execution. | |||||
CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2024-02-28 | 1.2 LOW | N/A |
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | |||||
CVE-2000-0220 | 1 Zonelabs | 1 Zonealarm | 2024-02-28 | 5.0 MEDIUM | N/A |
ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. | |||||
CVE-2003-0147 | 3 Openpkg, Openssl, Stunnel | 3 Openpkg, Openssl, Stunnel | 2024-02-28 | 5.0 MEDIUM | N/A |
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal). | |||||
CVE-2001-1349 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 3.7 LOW | N/A |
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | |||||
CVE-2003-1149 | 1 Symantec | 1 Norton Internet Security | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page. | |||||
CVE-2003-0487 | 1 Kerio | 1 Kerio Mailserver | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. | |||||
CVE-2001-0409 | 1 Vim Development Group | 1 Vim | 2024-02-28 | 2.1 LOW | N/A |
vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory. | |||||
CVE-2005-0192 | 1 Realnetworks | 2 Realone Player, Realplayer | 2024-02-28 | 2.6 LOW | N/A |
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. | |||||
CVE-2001-1489 | 1 Microsoft | 1 Ie | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images. | |||||
CVE-2002-2005 | 1 Sun | 1 Java Web Start | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors. | |||||
CVE-1999-0124 | 1 University Of Minnesota | 1 Gopherd | 2024-02-28 | 10.0 HIGH | N/A |
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. |