Total
266174 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0160 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||||
CVE-2003-0970 | 1 Sun | 1 Sun Fire | 2024-02-28 | 5.0 MEDIUM | N/A |
The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled. | |||||
CVE-1999-0078 | 10 Bsdi, Freebsd, Hp and 7 more | 11 Bsd Os, Freebsd, Hp-ux and 8 more | 2024-02-28 | 1.9 LOW | N/A |
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | |||||
CVE-2002-1673 | 1 Webmin | 1 Webmin | 2024-02-28 | 3.6 LOW | N/A |
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file. | |||||
CVE-2001-0016 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. | |||||
CVE-2002-0408 | 1 Lotus | 1 Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message. | |||||
CVE-2003-0934 | 1 Symbol Technologies | 1 Pdt | 2024-02-28 | 4.6 MEDIUM | N/A |
Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network. | |||||
CVE-2002-1707 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 5.0 MEDIUM | N/A |
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2002-1179 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. | |||||
CVE-2004-0766 | 1 Ngsec | 1 Stackdefender | 2024-02-28 | 5.0 MEDIUM | N/A |
NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions. | |||||
CVE-2000-0802 | 1 Pgp | 1 Personal Privacy | 2024-02-28 | 3.6 LOW | N/A |
The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR. | |||||
CVE-2000-0893 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. | |||||
CVE-1999-0609 | 1 Mercantec | 1 Softcart | 2024-02-28 | 5.0 MEDIUM | N/A |
An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information. | |||||
CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
CVE-2001-0751 | 1 Cisco | 1 Cbos | 2024-02-28 | 7.5 HIGH | N/A |
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | |||||
CVE-2004-0088 | 1 Apple | 1 Mac Os X | 2024-02-28 | 2.1 LOW | N/A |
The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. | |||||
CVE-2001-0551 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. | |||||
CVE-2000-0911 | 1 Horde | 1 Imp | 2024-02-28 | 5.0 MEDIUM | N/A |
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment. | |||||
CVE-2001-1228 | 1 Gnu | 1 Gzip | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | |||||
CVE-2002-1394 | 1 Apache | 1 Tomcat | 2024-02-28 | 7.5 HIGH | N/A |
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. |