Total
240922 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0482 | 1 Gero Kohnert | 1 Tutos | 2024-02-04 | 7.5 HIGH | N/A |
TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code. | |||||
CVE-2001-0207 | 1 Pierre Beyssac | 1 Bing | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function. | |||||
CVE-2000-1232 | 1 Phorum | 1 Phorum | 2024-02-04 | 5.0 MEDIUM | N/A |
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method. | |||||
CVE-2003-1079 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. | |||||
CVE-2004-2145 | 1 Pd9 Software | 1 Megabbs | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp. | |||||
CVE-2004-1926 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-02-04 | 7.5 HIGH | N/A |
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or the (5) Name, (6) Description, (7) URL, or (8) Country fields in a Directory/Add Site operation. | |||||
CVE-2003-0015 | 2 Cvs, Freebsd | 2 Cvs, Freebsd | 2024-02-04 | 7.5 HIGH | N/A |
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | |||||
CVE-1999-0700 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 6.2 MEDIUM | N/A |
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. | |||||
CVE-2004-0707 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL. | |||||
CVE-2003-1006 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||||
CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2024-02-04 | 5.1 MEDIUM | N/A |
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
CVE-2003-0772 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ipswitch Ws Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments. | |||||
CVE-2003-0851 | 2 Cisco, Openssl | 5 Css11000 Content Services Switch, Ios, Pix Firewall and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | |||||
CVE-2002-1200 | 1 Oneidentity | 1 Syslog-ng | 2024-02-04 | 7.5 HIGH | N/A |
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Cache Engine allows an attacker to replace content in the cache. | |||||
CVE-2004-1882 | 1 Cactusoft | 1 Cactushop | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter. | |||||
CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||||
CVE-1999-0877 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.3 MEDIUM | N/A |
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. | |||||
CVE-2004-1717 | 1 Gv | 1 Gv | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value. | |||||
CVE-2004-2000 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php. |