Total
254001 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0892 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2024-02-04 | 5.0 MEDIUM | N/A |
| The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message. | |||||
| CVE-1999-0253 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. | |||||
| CVE-2002-0452 | 1 Foundrynet | 1 Serveriron | 2024-02-04 | 7.5 HIGH | N/A |
| Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible. | |||||
| CVE-2002-0177 | 1 Icecast | 1 Icecast | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. | |||||
| CVE-2003-0809 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page. | |||||
| CVE-2002-0759 | 1 Bzip | 1 Bzip2 | 2024-02-04 | 5.0 MEDIUM | N/A |
| bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive. | |||||
| CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2024-02-04 | 7.2 HIGH | N/A |
| makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
| CVE-2002-1464 | 1 Cafelog | 1 B2 | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable. | |||||
| CVE-2002-2355 | 1 Netgear | 1 Fm114p | 2024-02-04 | 7.1 HIGH | N/A |
| Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. | |||||
| CVE-2000-0128 | 1 Daniel Beckham | 1 The Finger Server | 2024-02-04 | 10.0 HIGH | N/A |
| The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2002-1645 | 1 Ssh | 1 Ssh2 | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2002-1764 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 2.1 LOW | N/A |
| acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2003-1329 | 1 Washington University | 1 Wu-ftpd | 2024-02-04 | 7.8 HIGH | N/A |
| ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. | |||||
| CVE-2003-1000 | 1 Xchat | 1 Xchat | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference. | |||||
| CVE-2002-0686 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter. | |||||
| CVE-2003-0902 | 1 Minimalist | 1 Minimalist | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-0886 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 9.0 HIGH | N/A |
| The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. | |||||
| CVE-2002-0501 | 1 Posadis | 1 Posadis | 2024-02-04 | 7.2 HIGH | N/A |
| Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages. | |||||
| CVE-2004-0156 | 1 Ssmtp | 1 Ssmtp | 2024-02-04 | 5.0 MEDIUM | N/A |
| Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2024-02-04 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||