Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0927 | 1 Gnome | 1 Libgtop Daemon | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | |||||
CVE-2003-0386 | 1 Openbsd | 1 Openssh | 2024-02-04 | 7.5 HIGH | N/A |
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. | |||||
CVE-1999-0259 | 1 Infodrom | 1 Cfingerd | 2024-02-04 | 5.0 MEDIUM | N/A |
cfingerd lists all users on a system via search.**@target. | |||||
CVE-2001-0996 | 1 Pop3lite | 1 Pop3lite | 2024-02-04 | 6.4 MEDIUM | N/A |
POP3Lite before 0.2.4 does not properly quote a . (dot) in an email message, which could allow a remote attacker to append arbitrary text to the end of an email message, which could then be interpreted by various mail clients as valid POP server responses or other input that could cause clients to crash or otherwise behave unexpectedly. | |||||
CVE-2001-0168 | 1 Att | 1 Winvnc | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. | |||||
CVE-2004-2124 | 1 Gallery Project | 1 Gallery | 2024-02-04 | 5.0 MEDIUM | N/A |
The register_globals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. | |||||
CVE-2004-0689 | 2 Debian, Kde | 2 Debian Linux, Kde | 2024-02-04 | 4.6 MEDIUM | 7.1 HIGH |
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | |||||
CVE-2004-0805 | 2 Mandrakesoft, Mpg123 | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mpg123 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. | |||||
CVE-1999-1550 | 1 F5 | 1 Tmos | 2024-02-04 | 5.0 MEDIUM | N/A |
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter. | |||||
CVE-2002-0772 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter. | |||||
CVE-2003-0348 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 6.4 MEDIUM | N/A |
A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. | |||||
CVE-2003-1044 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID. | |||||
CVE-2003-0306 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter. | |||||
CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
CVE-2004-1743 | 1 Efs Software | 1 Efs Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder. | |||||
CVE-2002-0021 | 1 Microsoft | 1 Office | 2024-02-04 | 5.0 MEDIUM | N/A |
Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement. | |||||
CVE-2002-0787 | 1 Critical Path | 1 Injoin Directory Server | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters. | |||||
CVE-2001-0146 | 1 Microsoft | 2 Exchange Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URLs. | |||||
CVE-2000-0186 | 4 Freebsd, Mandrakesoft, Redhat and 1 more | 4 Freebsd, Mandrake Linux, Linux and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. | |||||
CVE-2002-2325 | 1 University Of Washington | 1 Pine | 2024-02-04 | 7.8 HIGH | N/A |
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. |