Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0620 | 1 Iplanet | 1 Calendar Server | 2017-12-18 | 2.1 LOW | N/A |
| iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions. | |||||
| CVE-2001-0519 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2017-12-18 | 7.5 HIGH | N/A |
| Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags. | |||||
| CVE-1999-1069 | 1 Icat | 1 Electronic Commerce Suite | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter. | |||||
| CVE-2001-0562 | 1 Drummond Miles | 1 A1stats | 2017-12-18 | 7.5 HIGH | N/A |
| a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. | |||||
| CVE-2001-0263 | 1 Gene6 | 1 G6 Ftp Server | 2017-12-18 | 7.5 HIGH | N/A |
| Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled. | |||||
| CVE-1999-1097 | 1 Microsoft | 1 Netmeeting | 2017-12-18 | 6.4 MEDIUM | N/A |
| Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty. | |||||
| CVE-1999-1071 | 1 Excite | 1 Ews | 2017-12-18 | 7.2 HIGH | N/A |
| Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | |||||
| CVE-2001-0737 | 1 Logitech | 4 Cordless Freedom, Cordless Freedom Navigator, Cordless Freedom Pro and 1 more | 2017-12-18 | 7.5 HIGH | N/A |
| A long 'synch' delay in Logitech wireless mice and keyboard receivers allows a remote attacker to hijack connections via a man-in-the-middle attack. | |||||
| CVE-2001-0436 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2017-12-18 | 7.5 HIGH | N/A |
| dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program. | |||||
| CVE-2001-0086 | 1 Cgi Script Center | 1 Subscribe Me Lite | 2017-12-18 | 5.0 MEDIUM | N/A |
| CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter. | |||||
| CVE-2001-0451 | 1 Sentraweb | 1 Indexu | 2017-12-18 | 7.5 HIGH | N/A |
| INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1. | |||||
| CVE-2001-0450 | 1 Transsoft | 1 Broker Ftp Server | 2017-12-18 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. | |||||
| CVE-1999-1081 | 1 Novell | 1 Web Server | 2017-12-18 | 5.0 MEDIUM | N/A |
| Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files. | |||||
| CVE-2001-0188 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2017-12-18 | 5.0 MEDIUM | N/A |
| GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash. | |||||
| CVE-2001-0623 | 1 Sendfile | 1 Sendfile | 2017-12-18 | 4.6 MEDIUM | N/A |
| sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. | |||||
| CVE-2001-0051 | 1 Ibm | 1 Db2 Universal Database | 2017-12-18 | 7.5 HIGH | N/A |
| IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database. | |||||
| CVE-1999-1091 | 2 Rtin, Tin | 2 Rtin, Tin | 2017-12-18 | 5.0 MEDIUM | N/A |
| UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack. | |||||
| CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2017-12-18 | 2.1 LOW | N/A |
| IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | |||||
| CVE-1999-1106 | 1 Kde | 1 Kde | 2017-12-18 | 7.2 HIGH | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | |||||
| CVE-1999-1107 | 1 Kde | 1 Kde | 2017-12-18 | 7.2 HIGH | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. | |||||