Total: 254277 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1971 | 1 Sourcecraft | 1 Networking Utils | 2024-02-04 | 10.0 HIGH | N/A |
The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument. | |||||
CVE-2002-0333 | 1 Xtell | 1 Xtell | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument. | |||||
CVE-2002-1531 | 1 Surfcontrol | 1 Superscout Email Filter | 2024-02-04 | 5.0 MEDIUM | N/A |
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter. | |||||
CVE-2002-1648 | 1 Squirrelmail | 1 Squirrelmail | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | |||||
CVE-2001-0983 | 1 Ultraedit | 1 Ultraedit-32 | 2024-02-04 | 4.6 MEDIUM | N/A |
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges. | |||||
CVE-2003-0072 | 1 Mit | 2 Kerberos, Kerberos 5 | 2024-02-04 | 5.0 MEDIUM | N/A |
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | |||||
CVE-2002-1156 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled. | |||||
CVE-2002-0431 | 1 Dave Lawrence | 1 Xtux | 2024-02-04 | 5.0 MEDIUM | N/A |
XTux allows remote attackers to cause a denial of service (CPU consumption) via random inputs in the initial connection. | |||||
CVE-2002-1824 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during an SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability. | |||||
CVE-2001-0774 | 1 Tripwire | 1 Tripwire | 2024-02-04 | 4.6 MEDIUM | N/A |
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possibly gain privileges via a symbolic link attack on temporary files. | |||||
CVE-1999-0789 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in AIX ftpd in the libc library. | |||||
CVE-2004-1988 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote attackers to execute arbitrary PHP code by modifying the CPG_M_DIR to reference a URL on a remote web server that contains functions.inc.php. | |||||
CVE-2004-1793 | 1 Yatsoft | 1 Switch Off | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. | |||||
CVE-2003-1113 | 1 Iptel | 1 Sip Express Router | 2024-02-04 | 7.5 HIGH | N/A |
The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
CVE-1999-0952 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. | |||||
CVE-2003-0010 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating systems allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. | |||||
CVE-2000-0629 | 1 Sun | 1 Java System Web Server | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. | |||||
CVE-2003-0083 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 do not filter terminal escape sequences from their access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. | |||||
CVE-2000-0728 | 1 Xpdf | 1 Xpdf | 2024-02-04 | 7.2 HIGH | N/A |
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-1999-0349 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 7.5 HIGH | N/A |
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. |