Total
253942 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0014 | 1 University Of Washington | 1 Pine | 2024-02-04 | 7.5 HIGH | N/A |
URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&). | |||||
CVE-2002-2199 | 1 Freebsd | 1 Advanced Intrusion Detection Environment | 2024-02-04 | 4.6 MEDIUM | N/A |
The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection. | |||||
CVE-2004-1327 | 1 Crystal Art Software | 1 Crystal Ftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension. | |||||
CVE-1999-0708 | 1 Infodrom | 1 Cfingerd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | |||||
CVE-2002-2390 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||||
CVE-2002-0851 | 1 Isdn4linux | 1 Isdn4linux | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog. | |||||
CVE-2000-0511 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request. | |||||
CVE-1999-0461 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2024-02-04 | 10.0 HIGH | N/A |
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | |||||
CVE-2000-0803 | 1 Gnu | 1 Groff | 2024-02-04 | 10.0 HIGH | N/A |
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | |||||
CVE-2004-0602 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system calls, which could allow local users to access kernel memory to gain privileges or cause a system panic. | |||||
CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | |||||
CVE-2003-1486 | 1 Phorum | 1 Phorum | 2024-02-04 | 5.0 MEDIUM | N/A |
Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message. | |||||
CVE-2002-0789 | 1 Mnogosearch | 1 Mnogosearch | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. | |||||
CVE-2000-1042 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
CVE-2002-0128 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 7.5 HIGH | N/A |
cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument. | |||||
CVE-2004-0016 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-04 | 7.5 HIGH | N/A |
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files. | |||||
CVE-2002-0494 | 1 Websight Directory System | 1 Websight Directory System | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission containing the script in a website name. | |||||
CVE-2003-0701 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. | |||||
CVE-2001-0298 | 1 Sapio Design Ltd | 1 Webreflex | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. | |||||
CVE-2000-1097 | 1 Sonicwall | 1 Soho Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. |