Vulnerabilities (CVE)

Total 267717 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1173 1 Microsoft 1 Internet Explorer 2024-02-28 7.5 HIGH N/A
Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog.
CVE-2003-0724 1 Compaq 1 Tru64 2024-02-28 7.5 HIGH N/A
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges.
CVE-2004-1736 1 The Cacti Group 1 Cacti 2024-02-28 5.0 MEDIUM N/A
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.
CVE-2003-1562 1 Openbsd 1 Openssh 2024-02-28 7.6 HIGH N/A
sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190.
CVE-1999-1093 1 Microsoft 1 Internet Explorer 2024-02-28 5.1 MEDIUM N/A
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
CVE-1999-0108 1 Sgi 1 Irix 2024-02-28 7.2 HIGH N/A
The printers program in IRIX has a buffer overflow that gives root access to local users.
CVE-2000-0325 1 Microsoft 1 Jet 2024-02-28 7.2 HIGH N/A
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
CVE-2000-0334 1 Allaire 1 Spectra 2024-02-28 2.1 LOW N/A
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule.
CVE-2003-1444 1 Kaspersky Lab 1 Kaspersky Anti-virus 2024-02-28 4.4 MEDIUM N/A
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.
CVE-2002-1170 1 Net-snmp 1 Net-snmp 2024-02-28 5.0 MEDIUM N/A
The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference.
CVE-2002-2075 1 Mirabilis 1 Icq 2024-02-28 5.0 MEDIUM N/A
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number.
CVE-2001-1429 1 Midnight Commander 1 Midnight Commander 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.
CVE-1999-1469 1 Hughes Technologies 1 W3-auth 2024-02-28 7.5 HIGH N/A
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
CVE-2000-0851 1 Microsoft 1 Windows 2000 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
CVE-2004-1760 2 Cisco, Ibm 17 Call Manager, Conference Connection, Emergency Responder and 14 more 2024-02-28 10.0 HIGH N/A
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
CVE-2001-1428 1 Beck Ipc Gmbh 1 Ipc At Chip Embedded-webserver 2024-02-28 7.5 HIGH N/A
The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access.
CVE-2001-1447 1 Apple 1 Mac Os X 2024-02-28 7.2 HIGH N/A
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.
CVE-2000-0460 1 Kde 1 Kde 2024-02-28 7.2 HIGH N/A
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
CVE-1999-1224 1 University Of Washington 1 Imapd 2024-02-28 3.6 LOW N/A
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
CVE-2004-0598 1 Greg Roelofs 1 Libpng 2024-02-28 5.0 MEDIUM N/A
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.