Total: 254543 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0117 | 1 Sun | 3 Cobalt Raq, Cobalt Raq 2, Cobalt Raq 3i | 2024-02-04 | 7.2 HIGH | N/A |
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). | |||||
CVE-2001-0080 | 1 Cisco | 3 Catalyst 4000, Catalyst 5000, Catalyst 6000 | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. | |||||
CVE-2004-0868 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of CVE-2004-0866. Notes: The description for CVE-2004-0866 was inadvertently attached to this issue instead. All CVE users should reference CVE-2004-0866 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2000-0366 | 1 Debian | 1 Debian Linux | 2024-02-04 | 2.1 LOW | N/A |
dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files. | |||||
CVE-2003-0340 | 1 Demarc Security | 1 Puresecure | 2024-02-04 | 7.5 HIGH | N/A |
Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. | |||||
CVE-2002-1380 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | |||||
CVE-2001-0491 | 1 Team Johnlong | 1 Raidenftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST. | |||||
CVE-2000-0515 | 1 Hp | 1 Hp-ux | 2024-02-04 | 10.0 HIGH | N/A |
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges. | |||||
CVE-1999-1293 | 1 Apache | 1 Http Server | 2024-02-04 | 10.0 HIGH | N/A |
mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | |||||
CVE-2003-0636 | 1 Novell | 1 Ichain | 2024-02-04 | 7.5 HIGH | N/A |
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | |||||
CVE-1999-1174 | 1 Iomega | 1 Zip 100 Mb Drive | 2024-02-04 | 4.6 MEDIUM | N/A |
ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk. | |||||
CVE-1999-0236 | 2 Apache, Illinois | 2 Http Server, Ncsa Httpd | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | |||||
CVE-2002-1495 | 1 Rudi Benkovic | 1 Jawmail | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitrary script or HTML via (1) attached file names in the Read Mail feature, (2) text/html mails that are displayed in a pop-up window, and (3) certain malicious attributes within otherwise safe tags, such as onMouseOver. | |||||
CVE-2002-1729 | 1 Aspjar | 1 Aspjar Guestbook | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. | |||||
CVE-2002-2271 | 1 Bigfun | 1 Bigfun | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | |||||
CVE-2004-1787 | 1 Postnuke Software Foundation | 1 Postcalendar | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries. | |||||
CVE-2004-1695 | 1 Emulive | 1 Server4 | 2024-02-04 | 10.0 HIGH | N/A |
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the remote administration feature via a URL that contains an extra leading / (slash). | |||||
CVE-2003-1434 | 1 Pete Werner | 1 Login Ldap | 2024-02-04 | 6.8 MEDIUM | N/A |
login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password. | |||||
CVE-2003-0770 | 1 Ikonboard.com | 1 Ikonboard | 2024-02-04 | 7.5 HIGH | N/A |
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement. | |||||
CVE-2003-0562 | 1 Novell | 1 Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. | |||||