Total: 266068 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0079 | 1 W3c | 1 Cern Httpd | 2024-02-28 | 7.5 HIGH | N/A |
The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | |||||
CVE-2004-1749 | 1 Toplayer | 1 Attack Mitigator | 2024-02-28 | 5.0 MEDIUM | N/A |
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests. | |||||
CVE-1999-0413 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. | |||||
CVE-2003-0372 | 1 Nessus | 1 Nessus | 2024-02-28 | 4.6 MEDIUM | N/A |
Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. | |||||
CVE-2004-2040 | 1 E107 | 1 E107 | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php. | |||||
CVE-2003-0781 | 1 Ecartis | 1 Ecartis | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords. | |||||
CVE-2003-0809 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page. | |||||
CVE-2004-0399 | 1 University Of Cambridge | 1 Exim | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. | |||||
CVE-2003-1085 | 1 Thomson | 2 Tcm Cable Modem, Tcw Cable Modem | 2024-02-28 | 5.0 MEDIUM | N/A |
The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow. | |||||
CVE-2004-2240 | 1 Phorum | 1 Phorum | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | |||||
CVE-2004-0419 | 3 Gentoo, X.org, Xfree86 Project | 3 Linux, X11r6, Xdm | 2024-02-28 | 7.5 HIGH | N/A |
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | |||||
CVE-2002-0351 | 1 Matt Blaze | 1 Cfs | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2002-1623 | 1 Checkpoint | 1 Vpn-1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote. | |||||
CVE-1999-0653 | | | 2024-02-28 | 10.0 HIGH | N/A |
A component service related to NIS+ is running. | |||||
CVE-1999-1143 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs. | |||||
CVE-2004-2234 | 1 Moodle | 1 Moodle | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | |||||
CVE-2000-0955 | 1 Cisco | 1 Virtual Central Office 4000 | 2024-02-28 | 7.5 HIGH | N/A |
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges. | |||||
CVE-2004-0244 | 1 Cisco | 1 Ios | 2024-02-28 | 4.7 MEDIUM | N/A |
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | |||||
CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | |||||
CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Teardrop IP denial of service. |