Total
266129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | |||||
| CVE-2002-2125 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 6.4 MEDIUM | N/A |
| Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack. | |||||
| CVE-2000-0043 | 1 Camshot | 1 Webcam Http Server | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2002-0870 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2024-02-28 | 7.5 HIGH | N/A |
| The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | |||||
| CVE-2003-0776 | 1 Sane | 2 Sane, Sane-backend | 2024-02-28 | 7.5 HIGH | N/A |
| saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | |||||
| CVE-2002-0607 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-28 | 7.5 HIGH | N/A |
| members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL. | |||||
| CVE-2004-0474 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 5.1 MEDIUM | N/A |
| Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue. | |||||
| CVE-2004-1431 | 1 Joe Lumbroso | 1 Jacks Formmail.php | 2024-02-28 | 5.0 MEDIUM | N/A |
| FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in the ar_file (auto-reply) parameter. | |||||
| CVE-2004-2035 | 1 Minishare | 1 Minimal Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | |||||
| CVE-2001-0760 | 1 Citrix | 1 Nfuse | 2024-02-28 | 5.0 MEDIUM | N/A |
| Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field. | |||||
| CVE-2001-0434 | 1 Compaq | 1 Presario | 2024-02-28 | 6.4 MEDIUM | N/A |
| The LogDataListToFile ActiveX function used in (1) Knowledge Center and (2) Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service. | |||||
| CVE-2000-0554 | 1 Lilikoi | 1 Ceilidh | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_path hidden form field. | |||||
| CVE-2000-0597 | 1 Microsoft | 2 Excel, Powerpoint | 2024-02-28 | 7.5 HIGH | N/A |
| Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | |||||
| CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2024-02-28 | 7.5 HIGH | N/A |
| Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | |||||
| CVE-1999-0940 | 1 Mutt | 1 Mutt Mail Client | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. | |||||
| CVE-1999-0534 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
| A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. | |||||
| CVE-2002-1908 | 1 Microsoft | 1 Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters. | |||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2024-02-28 | 7.5 HIGH | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | |||||
| CVE-2004-0247 | 1 Cauldron | 2 Chaser Client, Chaser Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory. | |||||
| CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2024-02-28 | 5.0 MEDIUM | N/A |
| SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | |||||