Total
254365 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0941 | 1 Kootenay Web Inc | 1 Kootenay Web Inc Whois | 2024-02-04 | 10.0 HIGH | N/A |
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | |||||
CVE-2002-1678 | 1 Jelsoft | 1 Vbulletin | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits. | |||||
CVE-2002-1497 | 1 Nulllogic | 1 Null Httpd | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response. | |||||
CVE-2001-0924 | 1 Ibm | 1 Informix Web Datablade | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter. | |||||
CVE-2001-0086 | 1 Cgi Script Center | 1 Subscribe Me Lite | 2024-02-04 | 5.0 MEDIUM | N/A |
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter. | |||||
CVE-2002-0126 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD. | |||||
CVE-2003-0747 | 1 Sap | 1 Internet Transaction Server | 2024-02-04 | 5.0 MEDIUM | N/A |
wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message. | |||||
CVE-2004-0380 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 10.0 HIGH | N/A |
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | |||||
CVE-2002-0755 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. | |||||
CVE-2004-0045 | 1 Isc | 1 Inn | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | |||||
CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
CVE-2001-0919 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.1 MEDIUM | N/A |
Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. | |||||
CVE-2000-0861 | 1 Gnu | 1 Mailman | 2024-02-04 | 7.2 HIGH | N/A |
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | |||||
CVE-2003-0074 | 1 Plptools | 1 Plptools | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog. | |||||
CVE-2000-0640 | 1 Steve Poulsen | 1 Guildftpd | 2024-02-04 | 7.5 HIGH | N/A |
Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not. | |||||
CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2024-02-04 | 5.0 MEDIUM | N/A |
hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | |||||
CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | |||||
CVE-1999-0940 | 1 Mutt | 1 Mutt Mail Client | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. | |||||
CVE-2002-2317 | 1 Symantec | 1 Velociraptor | 2024-02-04 | 7.8 HIGH | N/A |
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | |||||
CVE-2002-0956 | 1 Iss | 1 Blackice Agent | 2024-02-04 | 7.5 HIGH | N/A |
BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions. |