Vulnerabilities (CVE)

Total 268494 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0417 1 Mit 2 Kerberos, Kerberos 5 2024-02-28 2.1 LOW N/A
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.
CVE-2004-0494 2 Avaya, Redhat 4 Cvlan, Enterprise Linux, Enterprise Linux Desktop and 1 more 2024-02-28 7.5 HIGH N/A
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
CVE-2002-0393 1 Red-m 1 1050ap Lan Acess Point 2024-02-28 10.0 HIGH N/A
Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password.
CVE-1999-0902 1 Linux-nis 1 Ypserv 2024-02-28 7.2 HIGH N/A
ypserv allows local administrators to modify password tables.
CVE-2004-0656 1 Pureftpd 1 Pureftpd 2024-02-28 5.0 MEDIUM N/A
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
CVE-1999-0341 2 Debian, Slackware 2 Debian Linux, Slackware Linux 2024-02-28 7.2 HIGH N/A
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
CVE-2000-0586 1 Dalnet 1 Ircd 2024-02-28 10.0 HIGH N/A
Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command.
CVE-2004-2071 1 Macallan 1 Mail Solution 2024-02-28 7.5 HIGH N/A
Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name.
CVE-2000-0075 1 Nosque 1 Msgcore 2024-02-28 5.0 MEDIUM N/A
Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session.
CVE-1999-0056 1 Sun 1 Sunos 2024-02-28 7.2 HIGH N/A
Buffer overflow in Sun's ping program can give root access to local users.
CVE-2002-1151 1 Kde 2 Kde, Konqueror 2024-02-28 7.5 HIGH N/A
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
CVE-2004-0780 1 Sun 2 Solaris, Sunos 2024-02-28 7.2 HIGH N/A
Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
CVE-2000-0905 1 Qnx 1 Voyager 2024-02-28 5.0 MEDIUM N/A
QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page.
CVE-2003-1038 1 Sap 1 Internet Transaction Server 2024-02-28 5.0 MEDIUM N/A
The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames.
CVE-1999-0588 2024-02-28 7.5 HIGH N/A
A filter in a router or firewall allows unusual fragmented packets.
CVE-1999-0051 3 Globetrotter, Sgi, Sun 5 Flexlm, Irix, License Oeo and 2 more 2024-02-28 7.2 HIGH N/A
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
CVE-2003-0968 1 Freeradius 1 Freeradius 2024-02-28 10.0 HIGH N/A
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.
CVE-2001-0500 1 Microsoft 3 Index Server, Indexing Service, Internet Information Server 2024-02-28 10.0 HIGH N/A
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
CVE-1999-1075 1 Ibm 1 Aix 2024-02-28 5.0 MEDIUM N/A
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.
CVE-2002-0566 1 Oracle 4 Application Server, Application Server Web Cache, Oracle8i and 1 more 2024-02-28 5.0 MEDIUM N/A
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type.