Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1265 | 1 Seatle Lab Software | 1 Slmail | 2018-05-03 | 5.0 MEDIUM | N/A |
| SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO. | |||||
| CVE-2000-0165 | 1 Etl | 1 Delegate | 2018-05-03 | 7.5 HIGH | N/A |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | |||||
| CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2018-05-03 | 10.0 HIGH | N/A |
| The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
| CVE-1999-1205 | 1 Hp | 1 Hp-ux | 2018-05-03 | 2.1 LOW | N/A |
| nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information. | |||||
| CVE-1999-0305 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. | |||||
| CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2018-05-03 | 7.2 HIGH | N/A |
| makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
| CVE-1999-0059 | 1 Sgi | 1 Irix | 2018-05-03 | 7.1 HIGH | N/A |
| IRIX fam service allows an attacker to obtain a list of all files on the server. | |||||
| CVE-2000-0670 | 1 Cvsweb Developer | 1 Cvsweb | 2018-05-03 | 7.2 HIGH | N/A |
| The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0212 | 1 Pragma Systems | 1 Interaccess Telnetd Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information. | |||||
| CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | |||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 10.0 HIGH | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | |||||
| CVE-1999-0884 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| The Zeus web server administrative interface uses weak encryption for its passwords. | |||||
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 10.0 HIGH | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
| CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | |||||
| CVE-1999-0751 | 1 Netscape | 1 Enterprise Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. | |||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2018-05-03 | 7.5 HIGH | N/A |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | |||||
| CVE-1999-0085 | 3 Freebsd, Ibm, Netbsd | 3 Freebsd, Aix, Netbsd | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. | |||||
| CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 5.0 MEDIUM | N/A |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | |||||
| CVE-1999-0262 | 1 Renaud Deraison | 1 Faxsurvey | 2018-05-03 | 7.5 HIGH | N/A |
| Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
| CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 7.5 HIGH | N/A |
| Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
| CVE-1999-0351 | 1 Ftp | 1 Ftp Pasv | 2018-05-03 | 6.4 MEDIUM | N/A |
| FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. | |||||
| CVE-1999-0934 | 2018-05-03 | 5.0 MEDIUM | N/A | ||
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. | |||||
| CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2018-05-03 | 5.0 MEDIUM | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2018-05-03 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-1999-0270 | 1 Sgi | 1 Irix | 2018-05-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. | |||||
| CVE-2004-0180 | 1 Cvs | 1 Cvs | 2018-05-03 | 2.6 LOW | N/A |
| The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. | |||||
| CVE-2004-0418 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | |||||
| CVE-1999-0108 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| The printers program in IRIX has a buffer overflow that gives root access to local users. | |||||
| CVE-1999-1147 | 1 Platinum | 1 Policy Compliance Manager | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. | |||||
| CVE-1999-0710 | 1 Redhat | 1 Linux | 2018-05-03 | 7.5 HIGH | N/A |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | |||||
| CVE-1999-0112 | 2 Cde, Ibm | 2 Cde, Aix | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in AIX dtterm program for the CDE. | |||||
| CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2018-05-03 | 7.2 HIGH | N/A |
| Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
| CVE-1999-0146 | 1 Ncsa | 2 Campas, Servers | 2018-05-03 | 7.5 HIGH | N/A |
| The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file. | |||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | |||||
| CVE-2000-0005 | 1 Hp | 3 9000, Aserver, Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. | |||||
| CVE-1999-1027 | 1 Sun | 1 Solaris | 2018-05-03 | 7.2 HIGH | N/A |
| Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
| CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2018-05-03 | 5.0 MEDIUM | N/A |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | |||||
| CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2018-05-03 | 10.0 HIGH | N/A |
| ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2018-05-03 | 2.1 LOW | N/A |
| Trn allows local users to overwrite other users' files via symlinks. | |||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2018-05-03 | 4.6 MEDIUM | N/A |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
| CVE-1999-0959 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2018-05-03 | 5.0 MEDIUM | N/A |
| wwwboard allows a remote attacker to delete message board articles via a malformed argument. | |||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
| CVE-2004-0414 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | |||||
| CVE-2000-0120 | 1 Allaire | 1 Spectra | 2018-05-03 | 7.5 HIGH | N/A |
| The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-2004-0417 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | |||||
| CVE-1999-0025 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| root privileges via buffer overflow in df command on SGI IRIX systems. | |||||