Total
254037 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1152 | 1 Infrontech | 1 Webtide | 2024-02-04 | 5.0 MEDIUM | N/A |
WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | |||||
CVE-2003-0744 | 1 Leafnode | 1 Leafnode | 2024-02-04 | 5.0 MEDIUM | N/A |
The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input. | |||||
CVE-2004-2032 | 1 Netgear | 1 Rp114 | 2024-02-04 | 7.5 HIGH | N/A |
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. | |||||
CVE-2004-0327 | 1 Skintech | 1 Phpnewsmanager | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter. | |||||
CVE-2001-1414 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root. | |||||
CVE-1999-1273 | 1 National Science Foundation | 1 Squid Web Proxy | 2024-02-04 | 7.5 HIGH | N/A |
Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. | |||||
CVE-2000-1123 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands. | |||||
CVE-1999-1378 | 1 Dbmlparser.exe | 1 Dbmlparser.exe | 2024-02-04 | 5.0 MEDIUM | N/A |
dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files. | |||||
CVE-2003-0996 | 1 Broadcom | 1 Unicenter Remote Control Host | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to gain privileges via the help interface. | |||||
CVE-1999-0636 | 2024-02-04 | 10.0 HIGH | N/A | ||
The discard service is running. | |||||
CVE-2002-0479 | 1 Gravity Storm Software | 1 Service Pack Manager 2000 | 2024-02-04 | 7.2 HIGH | N/A |
Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM2000c$) mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share. | |||||
CVE-1999-1589 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
CVE-2000-0931 | 1 David Harris | 1 Pegasus Mail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data. | |||||
CVE-2001-0008 | 2 Borland Software, Firebirdsql | 2 Interbase, Firebird | 2024-02-04 | 10.0 HIGH | N/A |
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. | |||||
CVE-2001-0119 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-04 | 1.2 LOW | N/A |
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2003-0219 | 1 Kerio | 1 Personal Firewall 2 | 2024-02-04 | 7.5 HIGH | N/A |
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. | |||||
CVE-2001-0042 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. | |||||
CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | |||||
CVE-2000-0672 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory. | |||||
CVE-2000-0892 | 2 Caldera, U Win | 2 Openlinux, U Win | 2024-02-04 | 2.6 LOW | N/A |
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL. |