Total
266108 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1439 | 1 Silc | 1 Secure Internet Live Conferencing | 2024-02-28 | 4.3 MEDIUM | N/A |
Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. | |||||
CVE-2004-0377 | 2 Activestate, Larry Wall | 2 Activeperl, Perl | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character. | |||||
CVE-2000-0096 | 1 Qualcomm | 1 Qpopper | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command. | |||||
CVE-1999-1011 | 1 Microsoft | 4 Data Access Components, Index Server, Internet Information Server and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2004-1721 | 1 Merak | 1 Mail Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000. | |||||
CVE-2001-0122 | 1 Ibm | 2 Http Server, Websphere Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error. | |||||
CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
CVE-2002-1703 | 1 Mewsoft | 1 Netauction | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter. | |||||
CVE-2002-0511 | 1 Nscd | 1 Nscd | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host names. | |||||
CVE-2004-0298 | 1 Aclogic | 1 Cesarftp | 2024-02-28 | 5.0 MEDIUM | N/A |
CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RETR parameter. | |||||
CVE-2000-0761 | 1 Ibm | 1 Os2 Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username. | |||||
CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2003-1297 | 1 Efs Software | 1 Efs Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | |||||
CVE-2003-0714 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 7.5 HIGH | N/A |
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. | |||||
CVE-2002-1015 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2024-02-28 | 7.5 HIGH | N/A |
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers. | |||||
CVE-2003-0214 | 1 Debian | 1 Mime-support | 2024-02-28 | 4.6 MEDIUM | N/A |
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2001-0890 | 1 Sane | 1 Sane | 2024-02-28 | 2.1 LOW | N/A |
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files. | |||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2024-02-28 | 4.3 MEDIUM | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | |||||
CVE-2002-0841 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0842. Reason: This candidate is a duplicate of CVE-2002-0842. The duplicate assignment was made before public disclosure. Notes: none | |||||
CVE-2004-2015 | 1 Webct | 1 Webct | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags. |