Total: 253968 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1430 | 1 Cayman | 1 3220-h Dsl Router | 2024-02-04 | 7.5 HIGH | N/A |
Cayman 3220-H DSL Router 1.0 ships without a password set, which allows remote attackers to gain unauthorized access. | |||||
CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | |||||
CVE-2004-0398 | 2 Debian, Webdav | 3 Debian Linux, Cadaver, Neon | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. | |||||
CVE-2004-0792 | 1 Andrew Tridgell | 1 Rsync | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. | |||||
CVE-2001-1555 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. | |||||
CVE-2002-2366 | 1 Cerulean Studios | 1 Trillian | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. | |||||
CVE-2001-1341 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows remote attackers to obtain sensitive network information via a request to the program. | |||||
CVE-2003-0178 | 1 Ibm | 1 Lotus Domino Web Server | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. | |||||
CVE-2004-0709 | 1 Hp | 1 Openview Select Access | 2024-02-04 | 7.5 HIGH | N/A |
HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded Unicode characters in a URL, which could allow remote attackers to bypass access restrictions. | |||||
CVE-1999-0814 | 1 Redhat | 1 Linux | 2024-02-04 | 10.0 HIGH | N/A |
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. | |||||
CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. | |||||
CVE-2000-0726 | 1 Stalkerlab | 1 Mailers | 2024-02-04 | 2.6 LOW | N/A |
CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable. | |||||
CVE-2000-0664 | 1 Analogx | 1 Simpleserver Www | 2024-02-04 | 5.0 MEDIUM | N/A |
AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots. | |||||
CVE-2002-0568 | 1 Oracle | 3 Application Server, Oracle8i, Oracle9i | 2024-02-04 | 2.1 LOW | N/A |
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. | |||||
CVE-2001-1461 | 1 Rsa | 1 Securid | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences. | |||||
CVE-2003-1064 | 1 Sun | 1 Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. | |||||
CVE-2004-2133 | 1 Cvsup | 1 Cvsup | 2024-02-04 | 4.6 MEDIUM | N/A |
Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages. | |||||
CVE-2001-1000 | 1 Merit | 1 Aaa Radius Server | 2024-02-04 | 2.1 LOW | N/A |
rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file. | |||||
CVE-2001-0832 | 1 Oracle | 1 Database Server | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability." | |||||
CVE-2001-1190 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended. |