Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1078 | 1 Ipswitch | 1 Ws Ftp Pro | 2008-09-05 | 7.5 HIGH | N/A |
| WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. | |||||
| CVE-1999-1098 | 1 Bsd | 1 Bsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing. | |||||
| CVE-1999-1198 | 1 Next | 1 Next | 2008-09-05 | 7.2 HIGH | N/A |
| BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges. | |||||
| CVE-1999-1197 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges. | |||||
| CVE-1999-1103 | 1 Digital | 1 Osf 1 | 2008-09-05 | 4.6 MEDIUM | N/A |
| dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | |||||
| CVE-1999-1196 | 1 Hummingbird | 1 Exceed | 2008-09-05 | 5.0 MEDIUM | N/A |
| Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000. | |||||
| CVE-1999-1105 | 1 Microsoft | 1 Windows 95 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. | |||||
| CVE-1999-1115 | 1 Hp | 1 Apollo Domain Os | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). | |||||
| CVE-1999-1190 | 1 Admiral Systems | 1 Emailclub | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message. | |||||
| CVE-1999-1124 | 1 Allaire | 1 Coldfusion | 2008-09-05 | 7.5 HIGH | N/A |
| HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host. | |||||
| CVE-1999-1181 | 1 Sgi | 1 Irix | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. | |||||
| CVE-1999-0810 | 1 Samba | 1 Samba | 2008-09-05 | 10.0 HIGH | N/A |
| Denial of service in Samba NETBIOS name service daemon (nmbd). | |||||
| CVE-1999-1179 | 1 Sysadmin Magazine | 1 Man.sh | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-0812 | 1 Samba | 1 Samba | 2008-09-05 | 7.6 HIGH | N/A |
| Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | |||||
| CVE-1999-0451 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 2.1 LOW | N/A |
| Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. | |||||
| CVE-1999-0477 | 1 Allaire | 1 Coldfusion Server | 2008-09-05 | 7.5 HIGH | N/A |
| The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly. | |||||
| CVE-1999-0568 | 1 Sun | 1 Solaris | 2008-09-05 | 10.0 HIGH | N/A |
| rpc.admind in Solaris is not running in a secure mode. | |||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | |||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 4.6 MEDIUM | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||||
| CVE-1999-0570 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. | |||||
| CVE-1999-0744 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request. | |||||
| CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | |||||
| CVE-1999-0453 | 1 Cisco | 1 Router | 2008-09-05 | 5.0 MEDIUM | N/A |
| An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). | |||||
| CVE-1999-0460 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 2.1 LOW | N/A |
| Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. | |||||
| CVE-1999-0784 | 1 Oracle | 1 Database Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. | |||||
| CVE-1999-0400 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 4.6 MEDIUM | N/A |
| Denial of service in Linux 2.2.0 running the ldd command on a core file. | |||||
| CVE-1999-0560 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| A system-critical Windows NT file or directory has inappropriate permissions. | |||||
| CVE-1999-0730 | 1 Debian | 1 Debian Linux | 2008-09-05 | 10.0 HIGH | N/A |
| The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. | |||||
| CVE-1999-0581 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. | |||||
| CVE-1999-0140 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 5.0 MEDIUM | N/A |
| Denial of service in RAS/PPTP on NT systems. | |||||
| CVE-1999-0088 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. | |||||
| CVE-1999-0053 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| TCP RST denial of service in FreeBSD. | |||||
| CVE-1999-0231 | 1 Seattle Lab Software | 1 Slmail | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. | |||||
| CVE-1999-0123 | 1 Slackware | 1 Slackware Linux | 2008-09-05 | 3.7 LOW | N/A |
| Race condition in Linux mailx command allows local users to read user files. | |||||
| CVE-1999-0299 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 9.3 HIGH | N/A |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. | |||||
| CVE-1999-0248 | 1 Ssh | 1 Ssh | 2008-09-05 | 10.0 HIGH | N/A |
| A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. | |||||
| CVE-1999-0119 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| Windows NT 4.0 beta allows users to read and delete shares. | |||||
| CVE-1999-0089 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in AIX libDtSvc library can allow local users to gain root access. | |||||
| CVE-1999-0285 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | |||||
| CVE-2008-3937 | 1 Opendb | 1 Opendb | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php. | |||||
| CVE-2008-3939 | 1 Avtech | 1 Pager Enterprise | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2008-3938 | 1 Opendb | 1 Opendb | 2008-09-05 | 5.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action. | |||||
| CVE-2008-3935 | 1 D-ic | 2 Shop V50, Shop V52 | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earlier and shop_v52 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-3893 | 1 Microsoft | 1 Windows Vista | 2008-09-05 | 1.9 LOW | N/A |
| Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer during boot, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | |||||
| CVE-2008-2169 | 2 Avici, Hitachi | 4 Router, Gr2000, Gr3000 and 1 more | 2008-09-05 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
| CVE-2008-2170 | 1 Century Software | 1 Router | 2008-09-05 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
| CVE-2008-2173 | 1 Yamaha | 1 Router | 2008-09-05 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
| CVE-2002-2230 | 1 Ikonboard | 1 Ikonboard | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328. | |||||
| CVE-2003-1562 | 1 Openbsd | 1 Openssh | 2008-09-05 | 7.6 HIGH | N/A |
| sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190. | |||||
| CVE-2005-1813 | 1 Futuresoft | 1 Tftp Server 2000 | 2008-09-05 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences. | |||||