Total
254010 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0376 | 1 Apple | 1 Quicktime | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. | |||||
CVE-1999-0106 | 2024-02-04 | 2.1 LOW | N/A | ||
Finger redirection allows finger bombs. | |||||
CVE-2002-0558 | 1 Typsoft | 1 Typsoft Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard *.* characters. | |||||
CVE-2001-0677 | 1 Qualcomm | 1 Eudora | 2024-02-04 | 5.0 MEDIUM | N/A |
Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. | |||||
CVE-2001-0465 | 1 Intuit | 1 Turbo Tax | 2024-02-04 | 4.6 MEDIUM | N/A |
TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information. | |||||
CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. | |||||
CVE-1999-1351 | 1 Kvirc | 1 Irc Client | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request. | |||||
CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2024-02-04 | 7.5 HIGH | N/A |
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | |||||
CVE-2001-0392 | 1 Navision | 1 Financials Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash. | |||||
CVE-2001-0188 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash. | |||||
CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2024-02-04 | 4.6 MEDIUM | N/A |
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | |||||
CVE-2004-1898 | 1 Tildeslash | 1 Monit | 2024-02-04 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username. | |||||
CVE-1999-0651 | 2024-02-04 | 7.5 HIGH | N/A | ||
The rsh/rlogin service is running. | |||||
CVE-2003-1533 | 1 Phppass | 1 Phppass | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. | |||||
CVE-2002-0131 | 1 Activestate | 1 Activepython | 2024-02-04 | 5.0 MEDIUM | N/A |
ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script. | |||||
CVE-2004-1483 | 1 Symantec | 1 Clientless Vpn Gateway 4400 | 2024-02-04 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | |||||
CVE-2002-1266 | 1 Apple | 1 Mac Os X | 2024-02-04 | 4.6 MEDIUM | N/A |
Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File." | |||||
CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.2 HIGH | N/A |
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | |||||
CVE-2004-2128 | 1 Brs | 1 Webweaver | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll. | |||||
CVE-2002-0326 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript. |