| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
| 1 | CVE-1999-0497 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
Anonymous FTP is enabled. |
| 2 | CVE-1999-0523 | | | | 1999-01-01 | 2010-12-01 | 0.0 | None | Remote | Low | Not required | None | None | None |
ICMP echo (ping) is allowed from arbitrary hosts. |
| 3 | CVE-1999-0524 | 200 | | +Info | 1997-08-01 | 2021-09-22 | 0.0 | None | Local | Low | Not required | None | None | None |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| 4 | CVE-1999-0525 | | | | 1997-01-01 | 2014-11-24 | 0.0 | None | Remote | Low | Not required | None | None | None |
IP traceroute is allowed from arbitrary hosts. |
| 5 | CVE-1999-0532 | | | | 1997-07-01 | 2008-09-09 | 0.0 | None | Remote | Low | Not required | None | None | None |
A DNS server allows zone transfers. |
| 6 | CVE-1999-0586 | | | | 1999-01-01 | 2014-11-04 | 0.0 | None | Remote | Low | Not required | None | None | None |
A network service is running on a nonstandard port. |
| 7 | CVE-1999-0612 | | | | 1997-03-01 | 2008-09-09 | 0.0 | None | Remote | Low | Not required | None | None | None |
A version of finger is running that exposes valid user information to any entity on the network. |
| 8 | CVE-1999-0613 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The rpc.sprayd service is running. |
| 9 | CVE-1999-0624 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The rstat/rstatd service is running. |
| 10 | CVE-1999-0625 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The rpc.rquotad service is running. |
| 11 | CVE-1999-0626 | | | | 1997-01-01 | 2008-09-09 | 0.0 | None | Remote | Low | Not required | None | None | None |
A version of rusers is running that exposes valid user information to any entity on the network. |
| 12 | CVE-1999-0627 | | | Exec Code | 1992-03-01 | 2008-09-09 | 0.0 | None | Remote | Low | Not required | None | None | None |
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| 13 | CVE-1999-0629 | | | | 1999-01-01 | 2010-12-01 | 0.0 | None | Remote | Low | Not required | None | None | None |
The ident/identd service is running. |
| 14 | CVE-1999-0632 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The RPC portmapper service is running. |
| 15 | CVE-1999-0635 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The echo service is running. |
| 16 | CVE-1999-0637 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The systat service is running. |
| 17 | CVE-1999-0638 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The daytime service is running. |
| 18 | CVE-1999-0639 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The chargen service is running. |
| 19 | CVE-1999-0641 | | | | 1999-01-01 | 2007-07-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
The UUCP service is running. |
| 20 | CVE-1999-0657 | | | | 1999-01-01 | 2007-07-21 | 0.0 | None | Remote | Low | Not required | None | None | None |
WinGate is being used. |
| 21 | CVE-2005-0951 | | | | 2005-05-02 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate was created as a result of an analysis error for a researcher advisory for an issue that already existed. It stated an incorrect parameter, which was not part of the vulnerability at all. Notes: CVE users should not reference this candidate at all. |
| 22 | CVE-2005-1032 | | | Sql +Info | 2005-04-06 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** cart.php in LiteCommerce might allow remote attackers to obtain sensitive information via invalid (1) category_id or (2) product_id parameters. NOTE: this issue was originally claimed to be due to SQL injection, but the original researcher is known to be frequently inaccurate with respect to bug type and severity. The vendor has disputed this issue, saying "These reports are credited to malicious person we refused to hire. We have not taken legal action against him only because he is located in India. The vulnerabilities reported can not be reproduced, hence information you provide is contrary to fact." Further investigation by CVE personnel shows that an invalid SQL syntax error could be generated, but it only reveals portions of underlying database structure, which is already available in documentation from the vendor, and it does not appear to lead to path disclosure. Therefore, this issue is not a vulnerability or an exposure, and it probably should be REJECTED. |
| 23 | CVE-2006-4274 | | | Exec Code | 2006-08-21 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** Unknown vulnerability in Microsoft PowerPoint allows user-assisted attackers to execute arbitrary code via a crafted PPT document, as exploited by malware such as TROJ_MDROPPER.BH. NOTE: on 20060822, it was determined that TROJ_MDROPPER.BH was exploiting CVE-2006-0009, so this is not a new vulnerability. |
| 24 | CVE-2006-4854 | | | Exec Code | 2006-09-19 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** Unspecified vulnerability in Microsoft Office 2000 (Chinese Edition) and Microsoft PowerPoint 2000 (Chinese Edition) allows user-assisted attackers to execute arbitrary code via a crafted PPT document, as exploited by malware such as Trojan.PPDropper.E. NOTE: on 20060919, Microsoft notified CVE that this is a duplicate of CVE-2006-0009. |
| 25 | CVE-2007-2056 | | | | 2007-04-30 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted the original advisory, stating that "the portion of vulnerable code is not called in any current version of AFFLIB and is therefore not exploitable." |
| 26 | CVE-2007-4044 | | | | 2007-07-27 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** The MS-RPC functionality in smbd in Samba 3 on SUSE Linux before 20070720 does not include "one character in the shell escape handling." NOTE: this issue was originally characterized as a shell metacharacter issue due to an incomplete fix for CVE-2007-2447, which was interpreted by CVE to be security relevant. However, SUSE and Red Hat have disputed the problem, stating that the only impact is that scripts will not be executed if they have a "c" in their name, but even this limitation might not exist. This does not have security implications, so should not be included in CVE. |
| 27 | CVE-2007-5421 | | | Exec Code Overflow | 2007-10-12 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** Multiple stack-based buffer overflows in Cisco IOS 12.x and IOS XR allow attackers to execute arbitrary code, as demonstrated via the "Bind Shell", "Reverse Shell", and "Two byte rootshell (Tiny Shell)" attacks. NOTE: the vendor and researcher agree that this issue does not cross privilege boundaries, saying they do not "represent a vulnerability." The disclosure was intended to demonstrate techniques for exploitation, which is not covered by CVE. |
| 28 | CVE-2007-5908 | | | DoS Exec Code Overflow | 2007-11-09 | 2008-09-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that "There is no way for unprivileged users (or really even the root user) to add new clocksources." |
| 29 | CVE-2008-6049 | | | Exec Code Sql | 2009-02-04 | 2009-03-21 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows remote attackers to execute arbitrary SQL commands via the menuID parameter. NOTE: CVE and multiple reliable third parties dispute this issue, since TinyMCE does not contain index.php or any PHP code. This may be an issue in a product that has integrated TinyMCE. |
| 30 | CVE-2009-0242 | | | DoS | 2009-01-21 | 2009-02-05 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption. CVE concurs with the dispute, so this identifier should not be used. |
| 31 | CVE-2009-0671 | | | Exec Code | 2009-02-22 | 2009-02-26 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
** REJECT ** Format string vulnerability in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit imap-2007d and other applications, allows remote attackers to execute arbitrary code via format string specifiers in the initial request to the IMAP port (143/tcp). NOTE: Red Hat has disputed the vulnerability, stating "The Red Hat Security Response Team have been unable to confirm the existence of this format string vulnerability in the toolkit, and the sample published exploit is not complete or functional." CVE agrees that the exploit contains syntax errors and uses Unix-only include files while invoking Windows functions. |
| 32 | CVE-2012-0547 | | | | 2012-08-30 | 2022-05-13 | 0.0 | None | Remote | Low | Not required | None | None | None |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references." |
| 33 | CVE-2012-5085 | | | | 2012-10-16 | 2022-05-13 | 0.0 | None | Remote | Medium | ??? | None | None | None |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. |
| 34 | CVE-2013-1622 | | | | 2013-02-08 | 2013-02-08 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The SSL module in PolarSSL before 1.2.5, when TLS alert messages for decryption errors are enabled, omits a required MAC check during the processing of malformed CBC data in a TLS session, which allows remote attackers to conduct distinguishing attacks via statistical analysis of timing side-channel data for crafted packets, a different vulnerability than CVE-2013-0169. |
| 35 | CVE-2013-1891 | | | Bypass | 2022-06-24 | 2022-06-24 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed. |
| 36 | CVE-2013-1916 | | | | 2022-06-24 | 2022-06-24 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not yet been approved. |
| 37 | CVE-2013-4144 | | | | 2022-06-30 | 2022-06-30 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
There is an object injection vulnerability in the swfupload plugin for WordPress. |
| 38 | CVE-2013-4170 | | | XSS | 2022-06-30 | 2022-06-30 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a view's `tagName` to user-supplied data, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain ("XSS"). This vulnerability only affects applications that assign or bind user-provided content to `tagName`. |
| 39 | CVE-2013-4561 | | | | 2022-06-30 | 2022-06-30 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
In an openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity. |
| 40 | CVE-2013-4869 | 522 | | | 2013-07-18 | 2020-12-08 | 0.0 | None | Remote | Low | Not required | None | None | None |
Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0." |
| 41 | CVE-2013-6355 | | | +Info | 2017-10-17 | 2017-10-17 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Microsoft Graphics Component in Windows Server 2003 Service Pack 2, x64 Edition Service Pack 2, SP2 for Itanium-based Systems, Windows Vista Service Pack 2 and x64 Edition Service Pack 2, Windows Server 2008 for 32-bit Systems Service Pack 2, x64-based Systems Service Pack 2, and Itanium-based Systems Service Pack 2, Windows 7 for 32-bit Systems Service Pack 1, and x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, and Itanium-based Systems Service Pack 1, Windows 8 and Windows 8.1 for 32-bit Systems and x64-based Systems, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1, and the Server Core installation option for Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2, Windows Server 2008 R2 for x64-based Systems Service Pack 1, Windows Server 2012, and Windows Server 2012 R2 does not properly decode JPEG images in memory, which allows remote attackers to obtain sensitive information via a crafted JPEG. |
| 42 | CVE-2014-0068 | | | | 2022-06-30 | 2022-07-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission. |
| 43 | CVE-2014-0156 | | | Exec Code | 2022-06-30 | 2022-07-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Awesome spawn contains an OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, an attacker could use this flaw to execute an arbitrary command. |
| 44 | CVE-2014-3648 | | | | 2022-07-01 | 2022-07-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus application is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or can slow the server down by purposefully wasting its time with slow endpoints. Similarly, one can provide whatever HTTP endpoint they want. This turns the server into a DDoS vector or an anonymizer for the posting of malware and so on. |
| 45 | CVE-2014-3650 | | | XSS | 2022-07-01 | 2022-07-01 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with specially crafted input. |
| 46 | CVE-2016-10545 | | | Exec Code | 2018-07-05 | 2018-07-05 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
thor ruby gem suffers from a command injection vulnerability due to the use of `open-uri`'s open() as used in Thor::Actions#get, allowing for execution of system commands. |
| 47 | CVE-2017-1298 | | | DoS | 2017-04-28 | 2017-04-28 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A denial of service vulnerability has been discovered in 40-GbE network interface modules for IBM Security Network Protection XGS 7100 appliance. IBM X-Force ID: 125160. |
| 48 | CVE-2017-5716 | | | DoS Exec Code Overflow | 2017-09-05 | 2017-09-05 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
Buffer overflow in ConnMan Project connection manager daemon version 1.34 and earlier allows a remote attacker to conduct a denial of service and remote code execution via malformed DNS packets. |
| 49 | CVE-2017-7286 | | | Overflow | 2017-04-10 | 2017-04-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
The Linux kernel package 3.16.0-28 on Ubuntu 14.04 LTS mishandles a series of mmap system calls for /dev/zero with different starting addresses, with a stated impact of "allowing for a local user to possibly gain root access," aka an "inode integer overflow." |
| 50 | CVE-2017-7319 | | | | 2017-04-10 | 2017-04-10 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? |
A vulnerability in the Linux kernel package 3.16.0-28 on Ubuntu 14.04 LTS allows any user to send a SIGIO signal to any process. If the process does not catch or ignore the signal, it will exit. |