Total
266127 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2052 | 1 Esesix | 1 Thintune | 2024-02-28 | 7.5 HIGH | N/A |
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing. | |||||
CVE-2004-0651 | 1 Sun | 2 Jre, Sdk | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). | |||||
CVE-2004-1826 | 1 Mambo | 1 Mambo Open Source 4.5 | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-1999-1200 | 1 Vintra Systems | 1 Smtp Mailserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command. | |||||
CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2024-02-28 | 7.5 HIGH | N/A |
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
CVE-2004-1581 | 1 Blackboard | 1 Blackboard | 2024-02-28 | 5.0 MEDIUM | N/A |
BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | |||||
CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||||
CVE-2003-0698 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0743. Reason: This candidate is a duplicate of CVE-2003-0743. Notes: All CVE users should reference CVE-2003-0743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2003-0429 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.5 HIGH | N/A |
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. | |||||
CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
CVE-2001-1541 | 1 Bsdi | 1 Bsd Os | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument. | |||||
CVE-2004-1709 | 1 Datakey | 1 Rainbow Ikey2032 Usb Token | 2024-02-28 | 2.1 LOW | N/A |
Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users. | |||||
CVE-2002-0792 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2024-02-28 | 5.0 MEDIUM | N/A |
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | |||||
CVE-2001-0312 | 1 Ibm | 1 Websphere Plugin | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebSphere's host aliases list, which will bypass WebSphere processing. | |||||
CVE-1999-0665 | 2024-02-28 | 10.0 HIGH | N/A | ||
An application-critical Windows NT registry key has an inappropriate value. | |||||
CVE-2001-1561 | 2 Debian, John Bovey | 2 Debian Linux, Xvt | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments. | |||||
CVE-2004-1509 | 1 Webcalendar | 1 Webcalendar | 2024-02-28 | 5.0 MEDIUM | N/A |
validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message. | |||||
CVE-2001-0398 | 1 Ritlabs | 1 The Bat | 2024-02-28 | 7.5 HIGH | N/A |
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon. | |||||
CVE-2002-0489 | 1 Linux Directory Penguin | 1 Nslookup | 2024-02-28 | 10.0 HIGH | N/A |
Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters. | |||||
CVE-1999-0928 | 1 Smartdesk | 1 Websuite | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL. |