Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1158 | 1 Network Associates | 1 Sniffer Agent | 2025-04-03 | N/A |
| NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords. | ||||
| CVE-1999-1273 | 1 National Science Foundation | 1 Squid Web Proxy | 2025-04-03 | N/A |
| Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. | ||||
| CVE-2001-0228 | 1 Goahead Software | 1 Goahead Webserver | 2025-04-03 | N/A |
| Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request. | ||||
| CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 4 Debian Linux, Micq, Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | ||||
| CVE-2000-1173 | 1 Microsys | 1 Cyberpatrol | 2025-04-03 | N/A |
| Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information. | ||||
| CVE-2000-1179 | 1 Netopia | 1 650-st Isdn Router | 2025-04-03 | N/A |
| Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters. | ||||
| CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2025-04-03 | N/A |
| BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | ||||
| CVE-2002-1033 | 1 Sun | 1 I-runbook | 2025-04-03 | N/A |
| Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via a "..:" sequence (dot-dot variant) in the argument. | ||||
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | ||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | ||||
| CVE-2005-2963 | 1 Mod Auth Shadow | 1 Mod Auth Shadow | 2025-04-03 | N/A |
| The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions. | ||||
| CVE-2000-1188 | 1 I-soft | 1 Quikstore | 2025-04-03 | N/A |
| Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter. | ||||
| CVE-2002-1036 | 1 Zoltan Milosevic | 1 Fluid Dynamics Search Engine | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters. | ||||
| CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2025-04-03 | N/A |
| The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | ||||
| CVE-2003-0726 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2025-04-03 | N/A |
| RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag. | ||||
| CVE-2005-2968 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2025-04-03 | N/A |
| Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash. | ||||
| CVE-2004-1903 | 1 Blaxxun | 1 Contact 3d | 2025-04-03 | N/A |
| Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag. | ||||
| CVE-1999-1304 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2025-04-03 | N/A |
| Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access. | ||||
| CVE-2000-1197 | 1 University Of Washington | 1 Imap | 2025-04-03 | N/A |
| POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes. | ||||
| CVE-2002-1038 | 1 Michael Dean | 1 Double Choco Latte | 2025-04-03 | N/A |
| Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features. | ||||