Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0248 | 1 Ssh | 1 Ssh | 2008-09-05 | 10.0 HIGH | N/A |
| A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. | |||||
| CVE-1999-0299 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 9.3 HIGH | N/A |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. | |||||
| CVE-2004-2684 | 1 Intersystems | 1 Cache Database | 2008-09-05 | 2.1 LOW | N/A |
| Unspecified vulnerability in the %template package in InterSystems Cache' 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files under (a) Dev\studio\templates and (b) Devuser\studio\templates. | |||||
| CVE-2004-2182 | 1 Macromedia | 1 Jrun | 2008-09-05 | 7.5 HIGH | N/A |
| Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. | |||||
| CVE-2005-1813 | 1 Futuresoft | 1 Tftp Server 2000 | 2008-09-05 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences. | |||||
| CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2008-09-05 | 9.3 HIGH | N/A |
| distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | |||||
| CVE-2002-2230 | 1 Ikonboard | 1 Ikonboard | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328. | |||||
| CVE-1999-1589 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
| CVE-2004-2700 | 1 Aspdotnetstorefront | 1 Aspdotnetstorefront | 2008-09-05 | 9.0 HIGH | N/A |
| Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx. | |||||
| CVE-2004-2706 | 1 Phrozensmoke | 1 Gyach Enhanced | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | |||||
| CVE-2002-1432 | 1 Coxco Support | 7 A-cart, Metacart, Midicart Asp and 4 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database. | |||||
| CVE-2005-1812 | 1 Futuresoft | 1 Tftp Server 2000 | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet. | |||||
| CVE-2004-2683 | 1 Intersystems | 1 Cache | 2008-09-05 | 2.1 LOW | N/A |
| Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server. | |||||
| CVE-2005-4849 | 1 Apache | 1 Derby | 2008-09-05 | 5.0 MEDIUM | N/A |
| Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information. | |||||
| CVE-1999-0635 | 2007-07-13 | 0.0 LOW | N/A | ||
| The echo service is running. | |||||
| CVE-2001-0291 | 2005-10-20 | 10.0 HIGH | N/A | ||
| Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters. | |||||
| CVE-2003-0565 | 2005-10-20 | 5.0 MEDIUM | N/A | ||
| Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
| CVE-2000-0889 | 2005-10-20 | 5.1 MEDIUM | N/A | ||
| Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. | |||||