Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1029 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2017-10-09 | 2.1 LOW | N/A |
| libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. | |||||
| CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2017-10-09 | 7.5 HIGH | N/A |
| IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | |||||
| CVE-2001-0080 | 1 Cisco | 3 Catalyst 4000, Catalyst 5000, Catalyst 6000 | 2017-10-09 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. | |||||
| CVE-2001-0278 | 1 Hp | 1 Mpe Ix | 2017-10-09 | 4.6 MEDIUM | N/A |
| Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. | |||||
| CVE-2000-0716 | 1 Alt-n | 1 Mdaemon | 2017-10-09 | 2.6 LOW | N/A |
| WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email. | |||||
| CVE-2000-0717 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2017-10-09 | 5.0 MEDIUM | N/A |
| GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands. | |||||
| CVE-1999-1279 | 1 Microsoft | 1 Sna Server | 2017-10-09 | 5.0 MEDIUM | N/A |
| An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU. | |||||
| CVE-2000-0720 | 1 Gwscripts | 1 Gwscripts News Publisher | 2017-10-09 | 5.0 MEDIUM | N/A |
| news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program. | |||||
| CVE-2001-0963 | 1 Pi-soft | 1 Spoonftp | 2017-10-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command. | |||||
| CVE-2001-0615 | 1 Faust Informatics | 1 Freestyle Chat | 2017-10-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a '..' (dot dot) attack such as '...' or '....'. | |||||
| CVE-1999-1284 | 1 Puppets Place | 1 Nukenabber | 2017-10-09 | 5.0 MEDIUM | N/A |
| NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe program that is executed upon the connection. | |||||
| CVE-2000-0726 | 1 Stalkerlab | 1 Mailers | 2017-10-09 | 2.6 LOW | N/A |
| CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable. | |||||
| CVE-2001-0969 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 10.0 HIGH | N/A |
| ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts. | |||||
| CVE-2001-0319 | 1 Ibm | 3 Net.commerce, Net.commerce Hosting Server, Websphere Commerce Suite | 2017-10-09 | 7.5 HIGH | N/A |
| orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. | |||||
| CVE-2001-0109 | 1 Suse | 1 Suse Linux | 2017-10-09 | 1.2 LOW | N/A |
| rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. | |||||
| CVE-2001-0366 | 1 Sap | 2 Sap R 3 Web Application Server Demo, Saposcol | 2017-10-09 | 7.2 HIGH | N/A |
| saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program. | |||||
| CVE-2000-0729 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 2.1 LOW | N/A |
| FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. | |||||
| CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2017-10-09 | 4.6 MEDIUM | N/A |
| Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | |||||
| CVE-2000-0731 | 1 Jeremy Arnold | 1 Worm Webserver | 2017-10-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0732 | 1 Jeremy Arnold | 1 Worm Webserver | 2017-10-09 | 5.0 MEDIUM | N/A |
| Worm HTTP server allows remote attackers to cause a denial of service via a long URL. | |||||