Total
266150 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0288 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
| Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2001-0694 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-28 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2024-02-28 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2024-02-28 | 2.6 LOW | N/A |
| Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | |||||
| CVE-2001-1046 | 1 Qualcomm | 1 Qpopper | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username. | |||||
| CVE-2001-0113 | 1 Omnicron | 1 Omnihttpd | 2024-02-28 | 10.0 HIGH | N/A |
| statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2024-02-28 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2004-0403 | 1 Kame | 1 Racoon | 2024-02-28 | 5.0 MEDIUM | N/A |
| Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | |||||
| CVE-2003-0931 | 1 Sygate Technologies | 1 Enforcer | 2024-02-28 | 5.0 MEDIUM | N/A |
| Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999. | |||||
| CVE-2000-1178 | 1 Joseph Allen | 1 Joe | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | |||||
| CVE-2002-0114 | 1 Emc | 1 Networker | 2024-02-28 | 4.6 MEDIUM | N/A |
| EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | |||||
| CVE-2002-0502 | 1 Citrix | 1 Nfuse | 2024-02-28 | 5.0 MEDIUM | N/A |
| Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | |||||
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2024-02-28 | 5.0 MEDIUM | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | |||||
| CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2024-02-28 | 5.1 MEDIUM | N/A |
| NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
| CVE-2000-0042 | 1 Csm | 1 Mail Server | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | |||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
| CVE-2004-0585 | 2024-02-28 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0589. Reason: This candidate is a duplicate of CVE-2004-0589. Notes: All CVE users should reference CVE-2004-0589 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
| CVE-2003-0676 | 1 Sun | 2 Iplanet Directory Server, One Directory Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | |||||
| CVE-2003-0174 | 1 Sgi | 1 Irix | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. | |||||
| CVE-2002-1064 | 1 T. Hauck | 1 Jana Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server. | |||||