Total
238872 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0098 | 1 Boozt | 1 Boozt Standard | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in index.cgi administration interface for Boozt! Standard 0.9.8 allows local users to execute arbitrary code via a long name field when creating a new banner. | |||||
CVE-2001-0645 | 1 Axent | 1 Netprowler | 2024-02-04 | 7.5 HIGH | N/A |
Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password. | |||||
CVE-1999-1375 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | |||||
CVE-2004-2116 | 1 Tinyserver | 1 Tinyserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL. | |||||
CVE-1999-1065 | 1 Palm Pilot | 1 Hotsync Manager | 2024-02-04 | 7.5 HIGH | N/A |
Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode. | |||||
CVE-1999-0357 | 1 Microsoft | 1 Windows 98 | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. | |||||
CVE-2003-0774 | 1 Sane | 2 Sane, Sane-backend | 2024-02-04 | 7.5 HIGH | N/A |
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. | |||||
CVE-2000-0648 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command. | |||||
CVE-1999-0978 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
htdig allows remote attackers to execute commands via filenames with shell metacharacters. | |||||
CVE-2004-2240 | 1 Phorum | 1 Phorum | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | |||||
CVE-2004-1961 | 1 Protector System | 1 Protector System | 2024-02-04 | 7.5 HIGH | N/A |
blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters ("%27"). | |||||
CVE-2002-2300 | 1 3com | 1 Webbngss3nbxnts | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command. | |||||
CVE-2002-0142 | 1 Pi3 | 1 Pi3web | 2024-02-04 | 7.5 HIGH | N/A |
CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters. | |||||
CVE-2001-0377 | 1 Infradig | 1 Inframail | 2024-02-04 | 5.0 MEDIUM | N/A |
Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string. | |||||
CVE-2004-0208 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | |||||
CVE-1999-0342 | 1 Pam | 1 Pam | 2024-02-04 | 6.2 MEDIUM | N/A |
Linux PAM modules allow local users to gain root access using temporary files. | |||||
CVE-2003-1426 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.3 LOW | N/A |
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable. | |||||
CVE-1999-1406 | 1 Redhat | 1 Linux | 2024-02-04 | 2.1 LOW | N/A |
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||||
CVE-1999-0356 | 2024-02-04 | 10.0 HIGH | N/A | ||
ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book. | |||||
CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. |