Total
253939 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0448 | 1 Xerver | 1 Xerver | 2024-02-04 | 5.0 MEDIUM | N/A |
Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many "C:/" sequences. | |||||
CVE-2004-0277 | 1 Bolintech | 1 Dream Ftp Server | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username. | |||||
CVE-1999-1149 | 1 Computer Software Manufaktur | 1 Csm Proxy | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port. | |||||
CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2024-02-04 | 7.2 HIGH | N/A |
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
CVE-2004-0099 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. | |||||
CVE-2004-1554 | 1 Alexphpteam | 1 Alex Guestbook | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2000-0332 | 1 Ultrascripts | 1 Ultraboard | 2024-02-04 | 5.0 MEDIUM | N/A |
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte. | |||||
CVE-2003-1005 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | |||||
CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | |||||
CVE-2004-0757 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-04 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | |||||
CVE-2001-1097 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | |||||
CVE-2001-1120 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | |||||
CVE-1999-0507 | 2024-02-04 | 7.5 HIGH | N/A | ||
An account on a router, firewall, or other network device has a guessable password. | |||||
CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2024-02-04 | 7.5 HIGH | N/A |
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | |||||
CVE-2003-0251 | 1 Nis | 1 Ypserv Nis Server | 2024-02-04 | 5.0 MEDIUM | N/A |
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. | |||||
CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | |||||
CVE-2002-0751 | 1 Cgiscript.net | 1 Csmailto | 2024-02-04 | 7.5 HIGH | N/A |
CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters. | |||||
CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.2 HIGH | N/A |
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | |||||
CVE-2002-0841 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0842. Reason: This candidate is a duplicate of CVE-2002-0842. The duplicate assignment was made before public disclosure. Notes: none. | |||||
CVE-2001-0742 | 1 Computalynx | 1 Cmail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command. |