Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0049 | 1 Nullsoft | 1 Winamp | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. | |||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | |||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | |||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
| CVE-2000-0127 | 1 Progress | 1 Webspeed | 2008-09-10 | 7.5 HIGH | N/A |
| The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2008-09-10 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2000-0126 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. | |||||
| CVE-2000-0056 | 1 Ipswitch | 1 Imail | 2008-09-10 | 5.0 MEDIUM | N/A |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. | |||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 7.5 HIGH | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2008-09-10 | 5.0 MEDIUM | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | |||||
| CVE-2000-0059 | 1 Php | 1 Php | 2008-09-10 | 10.0 HIGH | N/A |
| PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands. | |||||
| CVE-2000-0107 | 1 Debian | 1 Debian Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Linux apcd program allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-1999-1314 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 2.1 LOW | N/A |
| Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union commands. | |||||
| CVE-1999-1416 | 1 Inso | 1 Dwhttpd | 2008-09-10 | 5.0 MEDIUM | N/A |
| AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length. | |||||
| CVE-1999-1450 | 1 Sco | 2 Openserver, Unixware | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges. | |||||
| CVE-1999-1298 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 7.5 HIGH | N/A |
| Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources. | |||||
| CVE-1999-1444 | 1 Computer Software Manufaktur | 1 Alibaba | 2008-09-10 | 5.0 MEDIUM | N/A |
| genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext. | |||||
| CVE-1999-1319 | 1 Sgi | 1 Irix | 2008-09-10 | 10.0 HIGH | N/A |
| Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations. | |||||
| CVE-1999-1329 | 1 Redhat | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1331 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface. | |||||
| CVE-1999-1134 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. | |||||
| CVE-1999-1180 | 1 Oreilly | 2 Website, Website Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat. | |||||
| CVE-1999-1174 | 1 Iomega | 1 Zip 100 Mb Drive | 2008-09-10 | 4.6 MEDIUM | N/A |
| ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk. | |||||
| CVE-1999-1403 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2008-09-10 | 7.2 HIGH | N/A |
| IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, directories, and IPC message queues with insecure permissions (world-readable and world-writable), which could allow local users to disrupt operations and possibly gain privileges by modifying or deleting files. | |||||
| CVE-1999-1404 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2008-09-10 | 5.0 MEDIUM | N/A |
| IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents the connection from being closed properly. | |||||
| CVE-1999-1457 | 1 Thttpd | 1 Thttpd Http Server | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function. | |||||
| CVE-1999-1169 | 1 Flavio Veloso | 1 Nobo | 2008-09-10 | 5.0 MEDIUM | N/A |
| nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets. | |||||
| CVE-1999-1417 | 1 Inso | 1 Answerbook2 | 2008-09-10 | 7.5 HIGH | N/A |
| Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged. | |||||
| CVE-1999-1468 | 4 Cray, Next, Sgi and 1 more | 4 Unicos, Next, Irix and 1 more | 2008-09-10 | 6.2 MEDIUM | N/A |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. | |||||
| CVE-2000-0001 | 1 Realnetworks | 1 Realserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. | |||||
| CVE-1999-0904 | 1 Byte Fusion | 1 Bftelnet | 2008-09-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username. | |||||
| CVE-1999-1074 | 1 Webmin | 1 Webmin | 2008-09-09 | 7.5 HIGH | N/A |
| Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | |||||
| CVE-1999-1039 | 1 Sgi | 1 Irix | 2008-09-09 | 7.2 HIGH | N/A |
| Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise. | |||||
| CVE-1999-1009 | 1 Disney | 1 Go Express Search | 2008-09-09 | 2.6 LOW | N/A |
| The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | |||||
| CVE-1999-1004 | 1 Symantec | 1 Norton Antivirus | 2008-09-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command. | |||||
| CVE-1999-1003 | 1 Jgaa | 1 Warftpd | 2008-09-09 | 5.0 MEDIUM | N/A |
| War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections. | |||||
| CVE-1999-1001 | 1 Cisco | 1 Cache Engine | 2008-09-09 | 2.6 LOW | N/A |
| Cisco Cache Engine allows a remote attacker to gain access via a null username and password. | |||||
| CVE-1999-1000 | 1 Cisco | 1 Cache Engine | 2008-09-09 | 5.0 MEDIUM | N/A |
| The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. | |||||
| CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2008-09-09 | 5.0 MEDIUM | N/A |
| Cisco Cache Engine allows an attacker to replace content in the cache. | |||||
| CVE-1999-0996 | 1 Infoseek | 1 Ultraseek Server | 2008-09-09 | 7.5 HIGH | N/A |
| Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. | |||||
| CVE-1999-0991 | 1 Goodtech | 1 Telnet Server Nt | 2008-09-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. | |||||
| CVE-1999-0990 | 1 Gnome | 1 Gdm | 2008-09-09 | 2.1 LOW | N/A |
| Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. | |||||
| CVE-1999-0989 | 1 Microsoft | 1 Ie | 2008-09-09 | 7.5 HIGH | N/A |
| Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | |||||
| CVE-1999-0988 | 1 Sco | 1 Unixware | 2008-09-09 | 7.2 HIGH | N/A |
| UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. | |||||
| CVE-1999-0986 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2008-09-09 | 5.0 MEDIUM | N/A |
| The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. | |||||
| CVE-1999-0985 | 1 Cc | 1 Cc Whois | 2008-09-09 | 7.5 HIGH | N/A |
| CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. | |||||
| CVE-1999-0984 | 1 Matts Whois | 1 Matts Whois | 2008-09-09 | 7.5 HIGH | N/A |
| Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. | |||||
| CVE-1999-0983 | 1 Internic | 1 Whois Lookup | 2008-09-09 | 7.5 HIGH | N/A |
| Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. | |||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2008-09-09 | 7.2 HIGH | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
| CVE-1999-0978 | 1 Debian | 1 Debian Linux | 2008-09-09 | 7.5 HIGH | N/A |
| htdig allows remote attackers to execute commands via filenames with shell metacharacters. | |||||