Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0696 | 1 Sun | 1 Solaris Answerbook2 | 2017-12-18 | 7.5 HIGH | N/A |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. | |||||
| CVE-1999-1274 | 1 Ipass | 1 Roamserver | 2017-12-18 | 6.4 MEDIUM | N/A |
| iPass RoamServer 3.1 creates temporary files with world-writable permissions. | |||||
| CVE-2001-0964 | 1 Valve Software | 1 Half-life | 2017-12-18 | 7.5 HIGH | N/A |
| Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command. | |||||
| CVE-1999-1275 | 1 Ibm | 1 Lotus Cc Mail | 2017-12-18 | 4.6 MEDIUM | N/A |
| Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2017-12-18 | 4.6 MEDIUM | N/A |
| BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | |||||
| CVE-1999-1278 | 1 Nlog | 1 Nlog | 2017-12-18 | 7.5 HIGH | N/A |
| nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl. | |||||
| CVE-1999-1295 | 1 Transarc | 1 Dce Distributed File System | 2017-12-18 | 4.6 MEDIUM | N/A |
| Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS. | |||||
| CVE-2001-0614 | 1 Carello | 1 E-commerce | 2017-12-18 | 7.5 HIGH | N/A |
| Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL. | |||||
| CVE-1999-1280 | 1 Hummingbird | 1 Exceed | 2017-12-18 | 7.5 HIGH | N/A |
| Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file. | |||||
| CVE-1999-1150 | 1 Livingston Portmaster | 1 Portmaster | 2017-12-18 | 7.5 HIGH | N/A |
| Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions. | |||||
| CVE-1999-1281 | 1 Winddance Networks Corporation | 1 Breeze Network Server | 2017-12-18 | 5.0 MEDIUM | N/A |
| Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2017-12-18 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-1999-1283 | 1 Opera Software | 1 Opera Web Browser | 2017-12-18 | 5.0 MEDIUM | N/A |
| Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. | |||||
| CVE-1999-1151 | 1 Compaq Microcom | 1 Microcom 6000 Access Integrator | 2017-12-18 | 5.0 MEDIUM | N/A |
| Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password. | |||||
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2017-12-18 | 2.1 LOW | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||||
| CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2017-12-18 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-0975 | 1 Oracle | 1 Internet Directory | 2017-12-18 | 7.5 HIGH | N/A |
| Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-1999-1286 | 1 Sgi | 1 Irix | 2017-12-18 | 7.2 HIGH | N/A |
| addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | |||||
| CVE-1999-1287 | 1 Stephen Turner | 1 Analog | 2017-12-18 | 5.0 MEDIUM | N/A |
| Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface. | |||||
| CVE-2001-0360 | 1 Ikonboard.com | 1 Ikonboard | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter. | |||||