Total
266141 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0182 | 1 Samba | 1 Samba | 2024-02-28 | 10.0 HIGH | N/A |
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | |||||
CVE-1999-0162 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | |||||
CVE-2001-0198 | 1 Apple | 1 Quicktime | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
CVE-2002-2425 | 1 Sun | 1 Solaris Answerbook2 | 2024-02-28 | 10.0 HIGH | N/A |
Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request. | |||||
CVE-1999-1320 | 1 Novell | 1 Netware | 2024-02-28 | 4.6 MEDIUM | N/A |
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | |||||
CVE-2004-0379 | 1 Microsoft | 1 Sharepoint Portal Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts. | |||||
CVE-2001-1538 | 1 Speedxess | 1 Ha-120 Dsl Router | 2024-02-28 | 7.5 HIGH | N/A |
SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. | |||||
CVE-1999-0987 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name. | |||||
CVE-2003-0055 | 1 Apple | 1 Quicktime Darwin Mp3 Broadcaster | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. | |||||
CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2024-02-28 | 5.0 MEDIUM | N/A |
IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
CVE-2001-1036 | 2 Gnu, Slackware | 2 Findutils, Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | |||||
CVE-1999-1377 | 1 Matt Wright | 1 Download.cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | |||||
CVE-2003-0089 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | |||||
CVE-2001-0530 | 1 Spearhead | 2 Netgap 200, Netgap 300 | 2024-02-28 | 5.0 MEDIUM | N/A |
Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters. | |||||
CVE-2003-1039 | 1 Sap | 1 Mysap Business Suite | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server. | |||||
CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | |||||
CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | |||||
CVE-1999-1455 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host. | |||||
CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. |