Total
266182 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0167 | 1 Att | 1 Winvnc | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. | |||||
CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
CVE-2003-0801 | 1 Nokia | 1 Electronic Documentation | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script. | |||||
CVE-2000-0183 | 1 Michael Sandrof | 1 Ircii | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. | |||||
CVE-2002-1231 | 1 Caldera | 2 Openunix, Unixware | 2024-02-28 | 2.1 LOW | N/A |
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc. | |||||
CVE-1999-0572 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 9.3 HIGH | N/A |
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. | |||||
CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||||
CVE-2004-0423 | 1 Ssmtp | 1 Ssmtp | 2024-02-28 | 2.1 LOW | N/A |
The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file. | |||||
CVE-2004-0318 | 1 Platform | 1 Lsf | 2024-02-28 | 10.0 HIGH | N/A |
Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges. | |||||
CVE-2003-0141 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2024-02-28 | 5.1 MEDIUM | N/A |
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | |||||
CVE-2004-2112 | 1 Herberlin | 1 Bremsserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL. | |||||
CVE-2003-0048 | 1 Putty | 1 Putty | 2024-02-28 | 4.6 MEDIUM | N/A |
PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
CVE-2001-1437 | 1 Easyscripts | 1 Easynews | 2024-02-28 | 7.5 HIGH | N/A |
easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out. | |||||
CVE-1999-0412 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-28 | 7.5 HIGH | N/A |
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. | |||||
CVE-1999-0683 | 1 Network Associates | 1 Gauntlet Firewall | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Gauntlet Firewall via a malformed ICMP packet. | |||||
CVE-2002-0099 | 1 Michael Lamont | 1 Savant Webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters. | |||||
CVE-1999-0245 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.6 MEDIUM | N/A |
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". | |||||
CVE-2004-0188 | 1 Calife | 1 Calife | 2024-02-28 | 7.2 HIGH | N/A |
Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password. | |||||
CVE-1999-0779 | 1 Hp | 1 Hp-ux | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in HP-UX SharedX recserv program. |