Total
266069 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0722 | 1 Helix Code | 1 Gnome Updater | 2024-02-28 | 6.2 MEDIUM | N/A |
Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing packages. | |||||
CVE-2001-1065 | 1 Cisco | 1 Cbos | 2024-02-28 | 5.0 MEDIUM | N/A |
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | |||||
CVE-2004-0095 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-02-28 | 5.0 MEDIUM | N/A |
McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow. | |||||
CVE-2004-1692 | 1 Mambo | 1 Mambo Open Source | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters. | |||||
CVE-1999-0055 | 2 Ibm, Sun | 3 Aix, Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflows in Sun libnsl allow root access. | |||||
CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | |||||
CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | |||||
CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | |||||
CVE-2004-1861 | 1 Netsupport | 1 Netsupport School | 2024-02-28 | 4.6 MEDIUM | N/A |
Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords. | |||||
CVE-1999-0772 | 1 Compaq | 2 Insight Management Agent, Power Management | 2024-02-28 | 6.4 MEDIUM | N/A |
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. | |||||
CVE-2001-1457 | 1 Nobreak Technologies | 1 Crazywwwboard | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable. | |||||
CVE-2002-2032 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php. | |||||
CVE-2002-1099 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages. | |||||
CVE-2002-0053 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. | |||||
CVE-2001-0803 | 1 Open Group | 1 Cde Common Desktop Environment | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-1011 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. | |||||
CVE-2002-1261 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1292. Reason: This candidate is a reservation duplicate of CVE-2002-1292. Notes: All CVE users should reference CVE-2002-1292 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2024-02-28 | 10.0 HIGH | N/A |
Arbitrary command execution via IMAP buffer overflow in authenticate command. | |||||
CVE-1999-1109 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 5.0 MEDIUM | N/A |
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated. | |||||
CVE-2002-1353 | 1 Intranet-server | 1 Localweb2000 | 2024-02-28 | 5.0 MEDIUM | N/A |
LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst. |