Total
267717 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1173 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog. | |||||
CVE-2003-0724 | 1 Compaq | 1 Tru64 | 2024-02-28 | 7.5 HIGH | N/A |
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges. | |||||
CVE-2004-1736 | 1 The Cacti Group | 1 Cacti | 2024-02-28 | 5.0 MEDIUM | N/A |
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message. | |||||
CVE-2003-1562 | 1 Openbsd | 1 Openssh | 2024-02-28 | 7.6 HIGH | N/A |
sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190. | |||||
CVE-1999-1093 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | |||||
CVE-1999-0108 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
The printers program in IRIX has a buffer overflow that gives root access to local users. | |||||
CVE-2000-0325 | 1 Microsoft | 1 Jet | 2024-02-28 | 7.2 HIGH | N/A |
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. | |||||
CVE-2000-0334 | 1 Allaire | 1 Spectra | 2024-02-28 | 2.1 LOW | N/A |
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. | |||||
CVE-2003-1444 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2024-02-28 | 4.4 MEDIUM | N/A |
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname. | |||||
CVE-2002-1170 | 1 Net-snmp | 1 Net-snmp | 2024-02-28 | 5.0 MEDIUM | N/A |
The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference. | |||||
CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2024-02-28 | 5.0 MEDIUM | N/A |
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | |||||
CVE-2001-1429 | 1 Midnight Commander | 1 Midnight Commander | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file. | |||||
CVE-1999-1469 | 1 Hughes Technologies | 1 W3-auth | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header. | |||||
CVE-2000-0851 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability. | |||||
CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2024-02-28 | 10.0 HIGH | N/A |
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. | |||||
CVE-2001-1428 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2024-02-28 | 7.5 HIGH | N/A |
The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access. | |||||
CVE-2001-1447 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | N/A |
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. | |||||
CVE-2000-0460 | 1 Kde | 1 Kde | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
CVE-1999-1224 | 1 University Of Washington | 1 Imapd | 2024-02-28 | 3.6 LOW | N/A |
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information. | |||||
CVE-2004-0598 | 1 Greg Roelofs | 1 Libpng | 2024-02-28 | 5.0 MEDIUM | N/A |
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. |