Total: 238401 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1931 | 1 Php Arena | 1 Pafiledb | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string. | |||||
CVE-2004-1992 | 1 Solarwinds | 1 Serv-u File Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. | |||||
CVE-2004-2003 | 1 Delegate | 1 Delegate | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | |||||
CVE-2000-0899 | 1 Max Feoktistov | 1 Small Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests. | |||||
CVE-2002-0499 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories. | |||||
CVE-1999-1499 | 1 Isc | 1 Bind | 2024-02-04 | 2.1 LOW | N/A |
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||
CVE-2002-1168 | 1 Ibm | 1 Websphere Caching Proxy Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains a Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response. | |||||
CVE-1999-0665 | | | 2024-02-04 | 10.0 HIGH | N/A |
An application-critical Windows NT registry key has an inappropriate value. | |||||
CVE-2003-1466 | 1 Phorum | 1 Phorum | 2024-02-04 | 7.5 HIGH | N/A |
Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php. | |||||
CVE-2002-0011 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 5.0 MEDIUM | N/A |
Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login. | |||||
CVE-1999-1027 | 1 Sun | 1 Solaris | 2024-02-04 | 7.2 HIGH | N/A |
Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2024-02-04 | 10.0 HIGH | N/A |
SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | |||||
CVE-2003-0524 | 1 Knoppix | 1 Knoppix | 2024-02-04 | 6.2 MEDIUM | N/A |
Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on the qt_plugins_3.0rc temporary file in the .qt directory. | |||||
CVE-2004-0234 | 8 Clearswift, F-secure, Rarlab and 5 more | 13 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 10 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | |||||
CVE-1999-0845 | 1 Sco | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in SCO su program allows local users to gain root access via a long username. | |||||
CVE-2004-2213 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | |||||
CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
CVE-2002-0711 | 1 Hp | 1 Trucluster Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service. | |||||
CVE-2001-1123 | 1 Hp | 1 Openview Network Node Manager | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID. | |||||
CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. |