Total
266068 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0163 | 1 Cisco | 1 Aironet Ap340 | 2024-02-28 | 4.6 MEDIUM | N/A |
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
CVE-2000-0961 | 1 Netscape | 2 Messaging Server, Netscape Messaging Server Multiplexor | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command. | |||||
CVE-2004-1755 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 7.5 HIGH | N/A |
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges. | |||||
CVE-2001-0602 | 1 Lotus | 1 Domino R5 Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices. | |||||
CVE-2002-1588 | 1 Sun | 1 Openwindows | 2024-02-28 | 5.0 MEDIUM | N/A |
Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violation and crash) via a malformed mail attachment. | |||||
CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2024-02-28 | 10.0 HIGH | N/A |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||||
CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-2002-0341 | 1 Novell | 1 Groupwise | 2024-02-28 | 5.0 MEDIUM | N/A |
GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. | |||||
CVE-2000-0992 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. | |||||
CVE-2004-1895 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. | |||||
CVE-2004-0168 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging." | |||||
CVE-2001-0261 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 2.1 LOW | N/A |
Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files. | |||||
CVE-2002-0957 | 1 Iss | 1 Blackice Agent | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user. | |||||
CVE-2001-1084 | 1 Macromedia | 1 Jrun | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message. | |||||
CVE-2002-1294 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-28 | 7.5 HIGH | N/A |
The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods. | |||||
CVE-2000-0449 | 1 Omnis | 1 Studio | 2024-02-28 | 10.0 HIGH | N/A |
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
CVE-2001-1319 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2004-2235 | 1 Moodle | 1 Moodle | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | |||||
CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | |||||
CVE-1999-1403 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2024-02-28 | 7.2 HIGH | N/A |
IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, directories, and IPC message queues with insecure permissions (world-readable and world-writable), which could allow local users to disrupt operations and possibly gain privileges by modifying or deleting files. |