Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1326 | 1 Washington University | 1 Wu-ftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | |||||
CVE-2003-1482 | 1 Microsoft | 1 Mn-500 Wireless Base Station | 2024-02-04 | 4.6 MEDIUM | N/A |
The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. | |||||
CVE-2000-1223 | 1 I-soft | 1 Quikstore | 2024-02-04 | 7.5 HIGH | N/A |
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request. | |||||
CVE-2004-0410 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
CVE-2003-1531 | 1 Lilikoi | 1 Ceilidh | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
CVE-2000-0553 | 1 Darren Reed | 1 Ipfilter | 2024-02-04 | 2.6 LOW | N/A |
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions. | |||||
CVE-2004-0830 | 1 F-secure | 3 F-secure Anti-virus, F-secure Content Scanner Server, Internet Gatekeeper | 2024-02-04 | 5.0 MEDIUM | N/A |
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet. | |||||
CVE-1999-1371 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. | |||||
CVE-2000-0353 | 1 University Of Washington | 1 Pine | 2024-02-04 | 10.0 HIGH | N/A |
Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine. | |||||
CVE-2002-0409 | 1 Microsoft | 1 .net Framework | 2024-02-04 | 5.0 MEDIUM | N/A |
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter. | |||||
CVE-2002-1411 | 1 Duma | 1 Photo Gallery System | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter. | |||||
CVE-2003-0538 | 1 Mozart | 1 Mozart | 2024-02-04 | 7.5 HIGH | N/A |
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program. | |||||
CVE-2004-1431 | 1 Joe Lumbroso | 1 Jacks Formmail.php | 2024-02-04 | 5.0 MEDIUM | N/A |
FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a full pathname in the ar_file (auto-reply) parameter. | |||||
CVE-2001-0197 | 2 Icecast, Redhat | 2 Icecast, Linux | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | |||||
CVE-2002-0363 | 1 Aladdin Enterprises | 1 Ghostscript | 2024-02-04 | 7.5 HIGH | N/A |
ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice. | |||||
CVE-2003-1190 | 1 Phprecipebook | 1 Phprecipebook | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe. | |||||
CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
CVE-2002-0534 | 1 Postboard | 1 Postboard | 2024-02-04 | 5.0 MEDIUM | N/A |
PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags. | |||||
CVE-2003-1443 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2024-02-04 | 4.4 MEDIUM | N/A |
Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com. |