Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0241 | 1 Cisco | 1 Secure Access Control Server | 2024-02-04 | 7.5 HIGH | N/A |
NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server. | |||||
CVE-1999-0610 | 1 Mountain Network Systems | 1 Webcart | 2024-02-04 | 5.0 MEDIUM | N/A |
An incorrect configuration of the Webcart CGI program could disclose private information. | |||||
CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | |||||
CVE-2001-0026 | 1 Roaring Penguin | 1 Pppoe | 2024-02-04 | 5.0 MEDIUM | N/A |
rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option. | |||||
CVE-2003-0546 | 1 Redhat | 1 Up2date | 2024-02-04 | 7.5 HIGH | N/A |
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | |||||
CVE-2003-1535 | 1 Justice Media | 1 Guestbook | 2024-02-04 | 5.0 MEDIUM | N/A |
Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message. | |||||
CVE-2003-0715 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528. | |||||
CVE-2002-2343 | 1 Nocc | 1 Nocc | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. | |||||
CVE-2001-0370 | 1 Michael A. Gumienny | 1 Fcheck | 2024-02-04 | 4.6 MEDIUM | N/A |
fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters. | |||||
CVE-2004-0787 | 1 Openca | 1 Openca | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields. | |||||
CVE-2002-2143 | 1 Mysimplenews | 1 Mysimplenews | 2024-02-04 | 7.5 HIGH | N/A |
The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html. | |||||
CVE-2001-0985 | 1 Hassan Consulting | 1 Shopping Cart | 2024-02-04 | 7.5 HIGH | N/A |
shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter. | |||||
CVE-2003-0876 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 2.1 LOW | N/A |
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended. | |||||
CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | |||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2024-02-04 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||||
CVE-2001-0504 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying. | |||||
CVE-2003-0729 | 1 Tellurian | 1 Tftpdnt | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename. | |||||
CVE-2002-1271 | 1 Perl-mailtools | 1 Perl-mailtools | 2024-02-04 | 7.5 HIGH | N/A |
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx. | |||||
CVE-1999-1058 | 1 Arcane Software | 1 Vermillion Ftp Daemon | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands. | |||||
CVE-2000-0325 | 1 Microsoft | 1 Jet | 2024-02-04 | 7.2 HIGH | N/A |
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. |