Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0122 | 1 Ibm | 2 Lotus Domino, Lotus Notes Client | 2017-12-12 | 5.0 MEDIUM | N/A |
| Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. | |||||
| CVE-2002-1859 | 1 Orionserver | 1 Orion Application Server | 2017-11-30 | 5.0 MEDIUM | N/A |
| Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2000-0346 | 1 Apple | 1 Appleshare | 2017-11-27 | 5.0 MEDIUM | N/A |
| AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | |||||
| CVE-2012-0315 | 1 Estsoft | 1 Alftp | 2017-11-22 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file. | |||||
| CVE-2006-5988 | 1 Microsoft | 1 Windows 2000 | 2017-11-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Windows 2000 Advanced Server SP4 running Active Directory allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain VulnDisco Pack module. NOTE: the provenance of this information is unknown; the details are obtained from third party information. As of 20061116, this disclosure has no actionable information. However, since the VulnDisco Pack author is a reliable researcher, the disclosure is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2003-0123 | 1 Ibm | 2 Lotus Domino, Lotus Notes Client | 2017-11-22 | 5.0 MEDIUM | N/A |
| Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. | |||||
| CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-11-21 | 2.1 LOW | N/A |
| Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | |||||
| CVE-1999-1015 | 1 Apple | 1 Appleshare Mail Server | 2017-11-21 | 5.0 MEDIUM | N/A |
| Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
| CVE-2012-4969 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server and 3 more | 2017-11-21 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. | |||||
| CVE-2007-1504 | 1 Fujitsu | 2 Interstage Application Server, Interstage Apworks | 2017-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Server (IJServer) 8.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving web.xml and HTTP 404 and 500 status codes. | |||||
| CVE-2005-0755 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2017-11-21 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. | |||||
| CVE-2013-3433 | 1 Cisco | 1 Unified Communications Manager | 2017-11-17 | 6.8 MEDIUM | N/A |
| Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276. | |||||
| CVE-2013-3434 | 1 Cisco | 1 Unified Communications Manager | 2017-11-17 | 6.8 MEDIUM | N/A |
| Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242. | |||||
| CVE-2012-6271 | 1 Adobe | 1 Shockwave Player | 2017-11-16 | 9.3 HIGH | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwave movie that contains an Xtra URL, as demonstrated by a URL for an outdated Xtra. | |||||
| CVE-2012-6270 | 1 Adobe | 1 Shockwave Player | 2017-11-16 | 9.3 HIGH | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a "downgrading" attack. | |||||
| CVE-2005-0189 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | |||||
| CVE-2005-0191 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 5.1 MEDIUM | N/A |
| Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. | |||||
| CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-11-16 | 2.6 LOW | N/A |
| Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. | |||||
| CVE-2007-6358 | 1 Glyph And Cog | 1 Pdftops | 2017-11-15 | 4.9 MEDIUM | N/A |
| pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS. | |||||
| CVE-2014-3569 | 1 Openssl | 1 Openssl | 2017-11-14 | 5.0 MEDIUM | N/A |
| The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix. | |||||