Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1392 | 1 Gert Doering | 1 Mgetty | 2024-02-04 | 2.1 LOW | N/A |
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | |||||
CVE-1999-0395 | 1 Backweb Technologies | 1 Backweb Polite Agent Protocol | 2024-02-04 | 5.1 MEDIUM | N/A |
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server. | |||||
CVE-2000-0615 | 1 Astart Technologies | 1 Lprng | 2024-02-04 | 2.1 LOW | N/A |
LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files. | |||||
CVE-2001-1194 | 1 Zyxel | 2 Prestige 1600, Prestige 681 | 2024-02-04 | 5.0 MEDIUM | N/A |
Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly. | |||||
CVE-2002-0239 | 1 Hanterm | 1 Hanterm | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument. | |||||
CVE-2002-2187 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact. | |||||
CVE-2000-0345 | 1 Cisco | 7 Ios, Router 2500, Router 2600 and 4 more | 2024-02-04 | 2.1 LOW | N/A |
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |||||
CVE-2000-0647 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server. | |||||
CVE-1999-0130 | 7 Bsdi, Caldera, Eric Allman and 4 more | 7 Bsd Os, Network Desktop, Sendmail and 4 more | 2024-02-04 | 7.2 HIGH | N/A |
Local users can start Sendmail in daemon mode and gain root privileges. | |||||
CVE-2003-1453 | 1 Xoops | 1 Xoops | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag. | |||||
CVE-2002-1684 | 2 Deerfield, Working Resources Inc. | 2 D2gfx, Badblue | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents. | |||||
CVE-2002-1319 | 2 Linux, Trustix | 2 Linux Kernel, Secure Linux | 2024-02-04 | 2.1 LOW | N/A |
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. | |||||
CVE-2003-1042 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 10.0 HIGH | N/A |
SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name. | |||||
CVE-2000-0095 | 1 Hp | 1 Hp-ux | 2024-02-04 | 5.0 MEDIUM | N/A |
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. | |||||
CVE-2002-0516 | 1 Squirrelmail | 1 Squirrelmail | 2024-02-04 | 10.0 HIGH | N/A |
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie. | |||||
CVE-2001-0776 | 1 Dynfx | 1 Dynfx Mailserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service. | |||||
CVE-2003-1471 | 1 Alt-n | 1 Mdaemon | 2024-02-04 | 6.3 MEDIUM | N/A |
MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | |||||
CVE-2004-0323 | 1 Xmb Forum | 1 Xmb | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta. | |||||
CVE-2003-1349 | 1 Thomas Krebs | 1 Niteserver Ftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command. | |||||
CVE-2002-1438 | 1 Novell | 1 Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option. |