Total
265971 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0649 | 1 Apple | 1 Personal Web Sharing | 2024-02-28 | 5.0 MEDIUM | N/A |
Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. | |||||
CVE-2001-0653 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 4.6 MEDIUM | N/A |
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number. | |||||
CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | |||||
CVE-2002-0190 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | |||||
CVE-2004-1456 | 1 Cvstrac | 1 Cvstrac | 2024-02-28 | 7.5 HIGH | N/A |
filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo. | |||||
CVE-2000-0960 | 1 Netscape | 1 Messaging Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse. | |||||
CVE-2004-2095 | 1 Niels Provos | 1 Honeyd | 2024-02-28 | 5.0 MEDIUM | N/A |
Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd. | |||||
CVE-2001-1574 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code. | |||||
CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | |||||
CVE-2004-2230 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 2.1 LOW | N/A |
Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | |||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | |||||
CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||||
CVE-1999-0633 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The HTTP/WWW service is running. | |||||
CVE-2003-0814 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability. | |||||
CVE-2003-0832 | 1 Webfs | 1 Webfs | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header. | |||||
CVE-1999-0113 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
Some implementations of rlogin allow root access if given a -froot parameter. | |||||
CVE-2004-1513 | 1 Soft3304 | 1 04webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries. | |||||
CVE-2001-0970 | 1 Tdavid | 1 Td Forum | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script. | |||||
CVE-2002-0617 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 5.1 MEDIUM | N/A |
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass." | |||||
CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. |