Total
254267 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0271 | 1 Ada Core Technologies | 1 Gnat Pro Native | 2024-02-04 | 1.2 LOW | N/A |
Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files. | |||||
CVE-2001-0450 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. | |||||
CVE-2004-1522 | 1 3do | 1 Army Men Real Time Strategy Game | 2024-02-04 | 5.0 MEDIUM | N/A |
Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash) via a nickname that contains format strings. | |||||
CVE-2002-1514 | 1 Borland Software | 1 Interbase | 2024-02-04 | 7.2 HIGH | N/A |
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. | |||||
CVE-2002-0745 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in uucp in AIX 4.3.3. | |||||
CVE-2003-0831 | 1 Proftpd Project | 1 Proftpd | 2024-02-04 | 9.0 HIGH | N/A |
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files. | |||||
CVE-2002-0612 | 1 Craig Patchett | 1 Fileseek | 2024-02-04 | 7.5 HIGH | N/A |
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters. | |||||
CVE-1999-1073 | 1 Excite | 1 Ews | 2024-02-04 | 7.2 HIGH | N/A |
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. | |||||
CVE-2001-0740 | 1 3com | 2 3c840-us, 3cp4144 | 2024-02-04 | 5.0 MEDIUM | N/A |
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability. | |||||
CVE-1999-0466 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. | |||||
CVE-2004-1447 | 1 Jetbox | 1 Jetbox One Cms | 2024-02-04 | 5.0 MEDIUM | N/A |
Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information. | |||||
CVE-2004-0614 | 1 Osticket | 1 Osticket Sts | 2024-02-04 | 6.4 MEDIUM | N/A |
osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size. | |||||
CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2024-02-04 | 10.0 HIGH | N/A |
ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | |||||
CVE-2004-0368 | 3 Ibm, Open Group, Xi Graphics | 3 Aix, Cde Common Desktop Environment, Dextop | 2024-02-04 | 10.0 HIGH | N/A |
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. | |||||
CVE-2002-1399 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2). | |||||
CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
CVE-2001-0746 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods. | |||||
CVE-2002-1635 | 1 Oracle | 1 Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin. | |||||
CVE-2003-1507 | 1 Planet Technology Corp | 2 Wgsd-1020, Wsw-2401 | 2024-02-04 | 10.0 HIGH | N/A |
Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a default "superuser" account with the "planet" password, which allows remote attackers to gain administrative access. | |||||
CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2024-02-04 | 7.5 HIGH | N/A |
The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |