Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4879 | 1 Mozilla | 2 Firefox, Seamonkey | 2018-10-30 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains. | |||||
| CVE-2011-0588 | 2 Adobe, Microsoft | 3 Acrobat, Acrobat Reader, Windows | 2018-10-30 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570. | |||||
| CVE-2011-0570 | 2 Adobe, Microsoft | 3 Acrobat, Acrobat Reader, Windows | 2018-10-30 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588. | |||||
| CVE-2011-0562 | 2 Adobe, Microsoft | 3 Acrobat, Acrobat Reader, Windows | 2018-10-30 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588. | |||||
| CVE-2007-6480 | 1 Sun | 2 Management\+center, Sunos | 2018-10-30 | 9.4 HIGH | N/A |
| The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code. | |||||
| CVE-2008-1057 | 1 Openbsd | 1 Openbsd | 2018-10-30 | 7.8 HIGH | N/A |
| The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers. | |||||
| CVE-2008-1058 | 1 Openbsd | 1 Openbsd | 2018-10-30 | 7.8 HIGH | N/A |
| The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1480 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.3 MEDIUM | N/A |
| rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request. | |||||
| CVE-2008-3630 | 2 Apple, Microsoft | 6 Bonjour, Windows-nt, Windows 2000 and 3 more | 2018-10-30 | 6.4 MEDIUM | N/A |
| mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. | |||||
| CVE-2008-5089 | 1 Datadynamics | 1 Activereports | 2018-10-30 | 9.3 HIGH | N/A |
| Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) in Data Dynamics ActiveReports 2.5.0.1314 allow remote attackers to overwrite arbitrary files via a call to the (1) Pages.Save, (2) PrintReport, or (3) Canvas.Save method. | |||||
| CVE-2008-5550 | 1 Sun | 3 Java Web Console, Solaris, Sunos | 2018-10-30 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter. | |||||
| CVE-2000-0630 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2018-10-30 | 5.0 MEDIUM | N/A |
| IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. | |||||
| CVE-2000-0631 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2018-10-30 | 5.0 MEDIUM | N/A |
| An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability. | |||||
| CVE-2001-0004 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2018-10-30 | 5.0 MEDIUM | N/A |
| IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. | |||||
| CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2018-10-30 | 5.0 MEDIUM | N/A |
| Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | |||||
| CVE-2000-0746 | 1 Microsoft | 3 Frontpage, Internet Information Server, Internet Information Services | 2018-10-30 | 7.5 HIGH | N/A |
| Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities. | |||||
| CVE-1999-0158 | 1 Cisco | 1 Pix Firewall Software | 2018-10-30 | 5.0 MEDIUM | N/A |
| Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known. | |||||
| CVE-2000-0770 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2018-10-30 | 6.4 MEDIUM | N/A |
| IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. | |||||
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2018-10-30 | 5.0 MEDIUM | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | |||||
| CVE-2000-0884 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2018-10-30 | 7.5 HIGH | N/A |
| IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability. | |||||