Total
254047 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0775 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-04 | 5.0 MEDIUM | N/A |
browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter. | |||||
CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | |||||
CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2024-02-04 | 5.0 MEDIUM | N/A |
index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | |||||
CVE-2003-0827 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 5.0 MEDIUM | N/A |
The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. | |||||
CVE-2001-1242 | 1 Steve Grimm | 1 Un-cgi | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form. | |||||
CVE-2002-1980 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. | |||||
CVE-2002-0053 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. | |||||
CVE-1999-1379 | 1 Dnstools Software | 1 Dnstools | 2024-02-04 | 5.0 MEDIUM | N/A |
DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker. | |||||
CVE-2002-2149 | 1 Lucent | 3 Access Point Service Router 1500, Access Point Service Router 300, Access Point Service Router 600 | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface. | |||||
CVE-2003-0547 | 2 Gnome, Redhat | 2 Gdm, Kdebase | 2024-02-04 | 2.1 LOW | N/A |
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. | |||||
CVE-1999-0772 | 1 Compaq | 2 Insight Management Agent, Power Management | 2024-02-04 | 6.4 MEDIUM | N/A |
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. | |||||
CVE-2004-0721 | 1 Kde | 1 Konqueror | 2024-02-04 | 7.5 HIGH | N/A |
Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-2002-0950 | 1 Transware | 1 Active Mail | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered. | |||||
CVE-2003-0471 | 1 Alt-n | 1 Webadmin | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument. | |||||
CVE-2002-1366 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2024-02-04 | 6.2 MEDIUM | N/A |
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | |||||
CVE-2000-1126 | 1 Hp | 1 Hp-ux | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service. | |||||
CVE-2002-0060 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.5 HIGH | N/A |
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. | |||||
CVE-2004-0471 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 2.1 LOW | N/A |
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of service (service shutdown). | |||||
CVE-2002-1436 | 1 Novell | 1 Netware | 2024-02-04 | 7.5 HIGH | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | |||||
CVE-2001-0755 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command. |