Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0917 | 1 Cgiscript.net | 1 Cspassword | 2024-02-04 | 7.5 HIGH | N/A |
CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users. | |||||
CVE-1999-0775 | 1 Cisco | 1 Ios | 2024-02-04 | 10.0 HIGH | N/A |
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | |||||
CVE-2000-0915 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 5.0 MEDIUM | N/A |
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. | |||||
CVE-2001-0237 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data. | |||||
CVE-1999-1512 | 1 Amavis | 1 Virus Scanner | 2024-02-04 | 10.0 HIGH | N/A |
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field. | |||||
CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | |||||
CVE-2002-1839 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message. | |||||
CVE-1999-0355 | 1 Broadcom | 1 Controlit | 2024-02-04 | 5.0 MEDIUM | N/A |
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. | |||||
CVE-1999-0075 | 1 Washington University | 1 Wu-ftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. | |||||
CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | |||||
CVE-2001-0242 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. | |||||
CVE-2001-0781 | 1 Pi-soft | 1 Spoonftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST. | |||||
CVE-2001-1020 | 1 Vibechild | 1 Directory Manager | 2024-02-04 | 7.5 HIGH | N/A |
edit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile_name parameter, which is sent unfiltered to the PHP passthru function. | |||||
CVE-2004-1539 | 1 Gearbox Software | 1 Halo Combat Evolved | 2024-02-04 | 5.0 MEDIUM | N/A |
Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. | |||||
CVE-1999-0744 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request. | |||||
CVE-2001-0989 | 1 Richard Everitt | 1 Pileup | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign. | |||||
CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2024-02-04 | 5.0 MEDIUM | N/A |
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | |||||
CVE-2002-1138 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File Handling for Scheduled Jobs." | |||||
CVE-2004-0801 | 4 Conectiva, Linuxprinting.org, Sun and 1 more | 4 Linux, Foomatic-filters, Java Desktop System and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands. | |||||
CVE-2003-0724 | 1 Compaq | 1 Tru64 | 2024-02-04 | 7.5 HIGH | N/A |
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges. |