Total
266154 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2024-02-28 | 5.0 MEDIUM | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | |||||
| CVE-2003-0444 | 1 Gtksee | 1 Gtksee | 2024-02-28 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths. | |||||
| CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Land IP denial of service. | |||||
| CVE-2002-2006 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | N/A |
| The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets. | |||||
| CVE-1999-1297 | 1 Sun | 1 Sunos | 2024-02-28 | 2.1 LOW | N/A |
| cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key. | |||||
| CVE-2000-0564 | 1 Mirabilis | 1 Icq | 2024-02-28 | 5.0 MEDIUM | N/A |
| The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | |||||
| CVE-2004-1398 | 1 Roxio | 1 Toast | 2024-02-28 | 4.6 MEDIUM | N/A |
| Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument. | |||||
| CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | |||||
| CVE-2000-0239 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request. | |||||
| CVE-1999-0623 | 2024-02-28 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X Windows service is running. | |||||
| CVE-2002-0179 | 1 Xpilot | 1 Xpilot | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-1999-0217 | 1 Sun | 1 Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. | |||||
| CVE-2000-0342 | 1 Qualcomm | 1 Eudora | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | |||||
| CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | |||||
| CVE-2002-0839 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
| The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | |||||
| CVE-2001-0022 | 1 Leif M. Wright | 1 Simplestguest.cgi | 2024-02-28 | 10.0 HIGH | N/A |
| simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter. | |||||
| CVE-2004-2019 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
| The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. | |||||
| CVE-2002-0291 | 1 Funsoft | 1 Dinos Webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
| Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time. | |||||
| CVE-2002-1579 | 1 Sap | 1 Sapgui | 2024-02-28 | 5.0 MEDIUM | N/A |
| SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error. | |||||