Total
254548 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1993 | 1 Omail | 1 Omail Webmail | 2024-02-04 | 10.0 HIGH | N/A |
The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password. | |||||
CVE-2001-1075 | 1 Sun | 1 Cobalt Raq 3i | 2024-02-04 | 5.0 MEDIUM | N/A |
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file. | |||||
CVE-2001-0827 | 1 Grant Averett | 1 Ceberus Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests. | |||||
CVE-2001-0503 | 1 Microsoft | 1 Netmeeting | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service via a malformed string to the NetMeeting service port, aka a variant of the "NetMeeting Desktop Sharing" vulnerability. | |||||
CVE-2000-0997 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | |||||
CVE-2001-1201 | 1 Timecop | 1 Wmcube Gdk | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. | |||||
CVE-1999-0250 | 1 Dan Bernstein | 1 Qmail | 2024-02-04 | 10.0 HIGH | N/A |
Denial of service in Qmail through long SMTP commands. | |||||
CVE-2003-1112 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2024-02-04 | 7.5 HIGH | N/A |
The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
CVE-2002-1077 | 1 Ipswitch | 1 Imail | 2024-02-04 | 5.0 MEDIUM | N/A |
IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. | |||||
CVE-2002-1585 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic. | |||||
CVE-2001-1393 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang). | |||||
CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
NETBIOS share information may be published through SNMP registry keys in NT. | |||||
CVE-2000-0860 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | |||||
CVE-2003-0326 | 1 Slocate | 1 Slocate | 2024-02-04 | 4.6 MEDIUM | N/A |
Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc. | |||||
CVE-2004-0979 | 1 Microsoft | 3 Ie, Internet Explorer, Windows Xp | 2024-02-04 | 4.6 MEDIUM | N/A |
Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration. | |||||
CVE-2003-1171 | 1 Mod Security | 1 Mod Security | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. | |||||
CVE-2003-1506 | 1 Daniel Barron | 1 Dansguardian | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter. | |||||
CVE-2004-0339 | 1 Phpbb Group | 1 Phpbb | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter. | |||||
CVE-1999-0737 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
CVE-1999-1586 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. |