Total: 254006 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2237 | 1 Moodle | 1 Moodle | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts." | |||||
CVE-2004-0582 | 1 Webmin | 1 Webmin | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module. | |||||
CVE-2002-1121 | 4 Gfi, Network Associates, Roaring Penguin and 1 more | 5 Mailsecurity, Webshield Smtp, Canit and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. | |||||
CVE-2003-1224 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 2.1 LOW | N/A |
Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen. | |||||
CVE-2002-1581 | 2 Debian, Mailreader.com | 2 Debian Linux, Mailreader.com | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter. | |||||
CVE-2003-0034 | 1 Jean-jacques Sarton | 1 Mtink | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable. | |||||
CVE-2004-1537 | 1 Phpkit | 1 Phpkit | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. | |||||
CVE-2001-1379 | 1 Guiseppe Tanzilli And Matthias Eckermann | 1 Mod Auth Pgsql | 2024-02-04 | 7.5 HIGH | N/A |
The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name. | |||||
CVE-2000-0359 | 1 Acme Labs | 1 Thttpd | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header. | |||||
CVE-2000-0365 | 1 Redhat | 1 Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. | |||||
CVE-1999-0450 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | |||||
CVE-2000-0178 | 1 Foundrynet | 1 Serveriron | 2024-02-04 | 7.5 HIGH | N/A |
ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. | |||||
CVE-2000-0991 | 1 Hilgraeve | 1 Hyperterminal | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability. | |||||
CVE-2003-0558 | 1 Leapware | 1 Leapftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request. | |||||
CVE-2004-1740 | 1 Music Daemon | 1 Music Daemon | 2024-02-04 | 5.0 MEDIUM | N/A |
Music daemon (musicd) 0.0.3 and earlier allows remote attackers to read arbitrary files by calling LOAD with a full pathname, then calling SHOWLIST. | |||||
CVE-2001-0290 | 1 Gnu | 1 Mailman | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | |||||
CVE-2004-0613 | 1 Osticket | 1 Osticket Sts | 2024-02-04 | 7.5 HIGH | N/A |
osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory. | |||||
CVE-2002-1513 | 1 Compaq | 1 Tcp-ip Services | 2024-02-04 | 4.6 MEDIUM | N/A |
The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges. | |||||
CVE-2002-0436 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. | |||||
CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | |||||