Total
254282 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0424 | 2 Freebsd, Timecop | 2 Freebsd, Bubblemon | 2024-02-04 | 7.2 HIGH | N/A |
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. | |||||
CVE-2004-0731 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field. | |||||
CVE-2002-1312 | 1 Linksys | 9 Befn2ps4, Befsr11, Befsr41 and 6 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. | |||||
CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | |||||
CVE-2002-0136 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript. | |||||
CVE-2003-0677 | 1 Cisco | 1 Webns | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." | |||||
CVE-2003-1073 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 1.2 LOW | N/A |
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. | |||||
CVE-2002-0813 | 1 Cisco | 1 Ios | 2024-02-04 | 7.1 HIGH | N/A |
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | |||||
CVE-2001-0053 | 3 David Madore, Netbsd, Openbsd | 3 Ftpd-bsd, Netbsd, Openbsd | 2024-02-04 | 10.0 HIGH | N/A |
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. | |||||
CVE-2002-2118 | 1 Blue World Communications | 1 Lasso Web Data Engine | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long URL. | |||||
CVE-2004-1468 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2024-02-04 | 7.5 HIGH | N/A |
The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message. | |||||
CVE-2001-0466 | 1 Microburst | 1 Ustorekeeper Online Shopping System | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2024-02-04 | 7.2 HIGH | N/A |
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | |||||
CVE-1999-0477 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 7.5 HIGH | N/A |
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly. | |||||
CVE-2004-2230 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 2.1 LOW | N/A |
Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | |||||
CVE-2003-0242 | 1 Apple | 1 Mac Os X | 2024-02-04 | 7.5 HIGH | N/A |
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | |||||
CVE-1999-0262 | 1 Renaud Deraison | 1 Faxsurvey | 2024-02-04 | 7.5 HIGH | N/A |
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
CVE-2002-0322 | 1 Yahoo | 1 Messenger | 2024-02-04 | 7.5 HIGH | N/A |
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. | |||||
CVE-2002-0486 | 1 Workforceroi | 1 Xpede | 2024-02-04 | 7.2 HIGH | N/A |
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges. | |||||
CVE-2004-1470 | 1 Snipsnap | 1 Snipsnap | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. |