Total
254376 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2336 | 1 Symantec | 1 Norton Personal Firewall | 2024-02-04 | 4.3 MEDIUM | N/A |
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
CVE-2004-1687 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter. | |||||
CVE-2001-0328 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN. | |||||
CVE-2002-1001 | 1 Analogx | 1 Proxy | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname. | |||||
CVE-1999-1414 | 1 Ibm | 1 Netfinity Remote Control | 2024-02-04 | 7.2 HIGH | N/A |
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges. | |||||
CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | |||||
CVE-2002-0376 | 1 Apple | 1 Quicktime | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. | |||||
CVE-1999-0106 | 2024-02-04 | 2.1 LOW | N/A | ||
Finger redirection allows finger bombs. | |||||
CVE-2002-0558 | 1 Typsoft | 1 Typsoft Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard *.* characters. | |||||
CVE-2001-0677 | 1 Qualcomm | 1 Eudora | 2024-02-04 | 5.0 MEDIUM | N/A |
Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. | |||||
CVE-2001-0465 | 1 Intuit | 1 Turbo Tax | 2024-02-04 | 4.6 MEDIUM | N/A |
TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information. | |||||
CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. | |||||
CVE-1999-1351 | 1 Kvirc | 1 Irc Client | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request. | |||||
CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2024-02-04 | 7.5 HIGH | N/A |
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | |||||
CVE-2001-0392 | 1 Navision | 1 Financials Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash. | |||||
CVE-2001-0188 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash. | |||||
CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2024-02-04 | 4.6 MEDIUM | N/A |
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | |||||
CVE-2004-1898 | 1 Tildeslash | 1 Monit | 2024-02-04 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username. | |||||
CVE-1999-0651 | 2024-02-04 | 7.5 HIGH | N/A | ||
The rsh/rlogin service is running. | |||||
CVE-2003-1533 | 1 Phppass | 1 Phppass | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. |