Total
254001 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2104 | 1 Ganglia | 1 Php Rrd Web Client | 2024-02-04 | 7.5 HIGH | N/A |
| graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function. | |||||
| CVE-2001-0801 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | |||||
| CVE-2002-1757 | 1 Phprojekt | 1 Phprojekt | 2024-02-04 | 7.5 HIGH | N/A |
| PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATH_INFO portion of the $PHP_SELF variable, as demonstrated using "mail_send.php/sms". | |||||
| CVE-2004-1739 | 1 Bird Chat | 1 Internet Chat Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users. | |||||
| CVE-2002-1920 | 1 Datawizard | 1 Ftpxq | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name. | |||||
| CVE-2002-1177 | 1 Nullsoft | 1 Winamp | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag. | |||||
| CVE-2003-1030 | 1 Dameware Development | 1 Mini Remote Control Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129. | |||||
| CVE-2003-1119 | 1 Ssh | 1 Secure Shell | 2024-02-04 | 5.0 MEDIUM | N/A |
| SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets. | |||||
| CVE-2003-1010 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-2201 | 1 Webmin | 1 Webmin | 2024-02-04 | 10.0 HIGH | N/A |
| The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name. | |||||
| CVE-2003-0017 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. | |||||
| CVE-2004-2075 | 1 Sophos | 1 Sophos Anti-virus | 2024-02-04 | 5.0 MEDIUM | N/A |
| Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated. | |||||
| CVE-2004-1430 | 1 Ipbproarcade | 1 Ipbproarcade | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote attackers to execute arbitrary SQL code via the gameid parameter. | |||||
| CVE-2003-0198 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.4 MEDIUM | N/A |
| Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. | |||||
| CVE-2003-0977 | 2 Cvs, Slackware | 2 Cvs, Slackware Linux | 2024-02-04 | 7.5 HIGH | N/A |
| CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests. | |||||
| CVE-2004-0643 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2024-02-04 | 4.6 MEDIUM | N/A |
| Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | |||||
| CVE-2002-0908 | 1 Cisco | 1 Ids Device Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. | |||||
| CVE-2003-1285 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to samples/search.dll, (5) the price parameter to mortgage.pl, (6) the query string in dumpenv.pl, (7) the query string to dumpenv.pl, and (8) the E-Mail field of the guestbook script (book.pl). | |||||
| CVE-2002-1095 | 1 Cisco | 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set. | |||||
| CVE-2002-0815 | 3 Microsoft, Mozilla, Netscape | 3 Internet Explorer, Mozilla, Navigator | 2024-02-04 | 7.5 HIGH | N/A |
| The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | |||||