Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0275 | 1 Blueface | 1 Falcon Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / (slash) in the requested URL. | |||||
CVE-2001-1187 | 1 Mutasem Abudahab | 2 Csvform, Csvform Plus | 2024-02-04 | 7.5 HIGH | N/A |
csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | |||||
CVE-2000-0197 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | |||||
CVE-2003-1430 | 3 Epic Games, Linux, Microsoft | 3 Unreal Engine, Linux Kernel, All Windows | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | |||||
CVE-2004-1933 | 1 Citadel | 1 Ux | 2024-02-04 | 2.1 LOW | N/A |
Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow local users to bypass access controls and read unauthorized messages. | |||||
CVE-2002-2052 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. | |||||
CVE-2000-0445 | 1 Pgp | 1 Pgp | 2024-02-04 | 2.1 LOW | N/A |
The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys. | |||||
CVE-1999-0994 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. | |||||
CVE-2002-1236 | 1 Linksys | 1 Befsr41 | 2024-02-04 | 5.0 MEDIUM | N/A |
The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. | |||||
CVE-2001-0094 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges. | |||||
CVE-2004-1805 | 1 Epic Games | 1 Unreal Engine | 2024-02-04 | 5.0 MEDIUM | N/A |
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. | |||||
CVE-2001-0455 | 1 Cisco | 1 Aironet 340 | 2024-02-04 | 7.5 HIGH | N/A |
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | |||||
CVE-1999-0667 | 1 Arp Protocol | 1 Arp Protocol | 2024-02-04 | 10.0 HIGH | N/A |
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service. | |||||
CVE-2000-0317 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. | |||||
CVE-1999-1082 | 1 T. Hauck | 1 Jana Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to read arbitrary files via a "......" (modified dot dot) attack. | |||||
CVE-2002-1048 | 1 Hp | 1 Jetdirect | 2024-02-04 | 7.5 HIGH | N/A |
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0. | |||||
CVE-2002-1780 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves. | |||||
CVE-2001-0143 | 2 Immunix, Redhat | 2 Immunix, Linux | 2024-02-04 | 1.2 LOW | N/A |
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-1999-1529 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-04 | 7.5 HIGH | N/A |
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code. | |||||
CVE-2004-1899 | 1 Tildeslash | 1 Monit | 2024-02-04 | 5.0 MEDIUM | N/A |
The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one overflow via a POST that contains 1024 bytes. |