Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1054 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | |||||
CVE-2004-0907 | 1 Mozilla | 2 Mozilla, Thunderbird | 2024-02-04 | 4.6 MEDIUM | N/A |
The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code. | |||||
CVE-2000-0102 | 1 Salescart | 1 Salescart | 2024-02-04 | 7.5 HIGH | N/A |
The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2003-1097 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. | |||||
CVE-2001-0201 | 1 Umut Gokbayrak | 1 Postaci | 2024-02-04 | 7.5 HIGH | N/A |
The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program. | |||||
CVE-1999-1323 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 4.6 MEDIUM | N/A |
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. | |||||
CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2024-02-04 | 5.0 MEDIUM | N/A |
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | |||||
CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2024-02-04 | 7.5 HIGH | N/A |
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. | |||||
CVE-2000-0893 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. | |||||
CVE-2000-1224 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others. | |||||
CVE-2000-0937 | 1 Samba | 1 Samba | 2024-02-04 | 7.5 HIGH | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. | |||||
CVE-2002-0012 | 1 Snmp | 1 Snmp | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | |||||
CVE-2002-2077 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session. | |||||
CVE-2002-2425 | 1 Sun | 1 Solaris Answerbook2 | 2024-02-04 | 10.0 HIGH | N/A |
Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request. | |||||
CVE-1999-1295 | 1 Transarc | 1 Dce Distributed File System | 2024-02-04 | 4.6 MEDIUM | N/A |
Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS. | |||||
CVE-2003-0248 | 1 Redhat | 1 Linux | 2024-02-04 | 10.0 HIGH | N/A |
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | |||||
CVE-2002-2327 | 1 Sun | 2 Sun Fire, Sunos | 2024-02-04 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. | |||||
CVE-1999-0351 | 1 Ftp | 1 Ftp Pasv | 2024-02-04 | 6.4 MEDIUM | N/A |
FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. | |||||
CVE-2001-0621 | 1 Cisco | 1 Content Services Switch 11000 | 2024-02-04 | 7.5 HIGH | N/A |
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | |||||
CVE-1999-1415 | 1 Digital | 1 Ultrix | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. |