Total
254024 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0284 | 1 University Of Washington | 1 Imap | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands. | |||||
CVE-2002-1527 | 1 Emumail | 1 Emu Webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | |||||
CVE-2004-0132 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php. | |||||
CVE-1999-0049 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Csetup under IRIX allows arbitrary file creation or overwriting. | |||||
CVE-1999-0441 | 1 Qbik | 1 Wingate | 2024-02-04 | 5.0 MEDIUM | N/A |
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. | |||||
CVE-2000-0575 | 1 Ssh | 1 Ssh | 2024-02-04 | 7.2 HIGH | N/A |
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS. | |||||
CVE-2000-1147 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag. | |||||
CVE-1999-1219 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. | |||||
CVE-2003-1092 | 1 Christos Zoulas | 1 File 1 | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact. | |||||
CVE-2000-0792 | 1 Alan Cox | 1 Gnome-lokkit | 2024-02-04 | 7.5 HIGH | N/A |
Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available. | |||||
CVE-1999-0602 | 2024-02-04 | 10.0 HIGH | N/A | ||
A network intrusion detection system (IDS) does not properly reassemble fragmented packets. | |||||
CVE-2001-1296 | 1 Marc Logemann | 1 More.groupware | 2024-02-04 | 5.0 MEDIUM | N/A |
More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
CVE-2003-0262 | 1 Leksbot | 1 Leksbot | 2024-02-04 | 7.2 HIGH | N/A |
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have. | |||||
CVE-2001-0079 | 1 Hp | 1 Support Tools Manager | 2024-02-04 | 2.1 LOW | N/A |
Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file. | |||||
CVE-1999-1318 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs. | |||||
CVE-2001-0584 | 1 Alt-n | 1 Mdaemon | 2024-02-04 | 2.1 LOW | N/A |
IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands. | |||||
CVE-2002-1960 | 1 Cybozu | 1 Share360 | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject arbitrary web script or HTML via an HTML link. | |||||
CVE-2002-1471 | 1 Ximian | 1 Evolution | 2024-02-04 | 5.0 MEDIUM | N/A |
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack. | |||||
CVE-2004-0191 | 1 Mozilla | 1 Mozilla | 2024-02-04 | 6.8 MEDIUM | N/A |
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. | |||||
CVE-2000-0952 | 1 Shigio Yamaguchi | 1 Global | 2024-02-04 | 10.0 HIGH | N/A |
global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters. |