Total
254016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1796 | 1 Hotnews | 1 Hotnews | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3. | |||||
CVE-2000-0119 | 2 Mcafee, Symantec | 2 Virusscan, Norton Antivirus | 2024-02-04 | 7.2 HIGH | N/A |
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | |||||
CVE-2003-1263 | 1 Brown Bear Software | 1 Ical | 2024-02-04 | 5.0 MEDIUM | N/A |
ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name. | |||||
CVE-2004-0629 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. | |||||
CVE-2004-0530 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path. | |||||
CVE-2002-0358 | 1 Sgi | 1 Mediamail | 2024-02-04 | 4.6 MEDIUM | N/A |
MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allow local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges. | |||||
CVE-2002-0325 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL. | |||||
CVE-1999-0586 | | | 2024-02-04 | N/A | N/A |
A network service is running on a nonstandard port. | |||||
CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2024-02-04 | 7.5 HIGH | N/A |
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | |||||
CVE-2001-0425 | 1 Adcycle | 1 Adcycle | 2024-02-04 | 7.5 HIGH | N/A |
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information. | |||||
CVE-2003-0450 | 1 Cistron | 1 Radius Daemon | 2024-02-04 | 7.5 HIGH | N/A |
Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow. | |||||
CVE-2002-0137 | 1 Andreas Mueller | 1 Cdrdao | 2024-02-04 | 7.2 HIGH | N/A |
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file. | |||||
CVE-2004-0173 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences. | |||||
CVE-2001-1401 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi. | |||||
CVE-2001-0386 | 1 Analogx | 1 Simpleserver Www | 2024-02-04 | 5.0 MEDIUM | N/A |
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. | |||||
CVE-2001-1335 | 1 Aclogic | 1 Cesarftp | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot). | |||||
CVE-2001-0799 | 1 Sgi | 1 Irix | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument. | |||||
CVE-2004-0258 | 1 Realnetworks | 4 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player and 1 more | 2024-02-04 | 7.6 HIGH | N/A |
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | |||||
CVE-2003-0335 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 7.5 HIGH | N/A |
rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | |||||
CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2024-02-04 | 5.0 MEDIUM | N/A |
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. |