Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 2.1 LOW | N/A |
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | |||||
CVE-2001-1252 | 1 Pgp | 1 Keyserver | 2024-02-04 | 10.0 HIGH | N/A |
Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory. | |||||
CVE-1999-0077 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Predictable TCP sequence numbers allow spoofing. | |||||
CVE-2002-0977 | 1 Microsoft | 1 File Transfer Manager | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value. | |||||
CVE-2002-1688 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button. | |||||
CVE-2004-0314 | 1 Freewebs | 1 Webzedit | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter. | |||||
CVE-2002-1979 | 1 Watchguard | 3 Legacy Rssa, Soho, Vclass | 2024-02-04 | 7.5 HIGH | N/A |
WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allow remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | |||||
CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2024-02-04 | 2.1 LOW | N/A |
Screen savers in KDE beta 3 allow local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
CVE-2004-0189 | 1 Squid | 1 Squid | 2024-02-04 | 7.5 HIGH | N/A |
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists. | |||||
CVE-1999-0056 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Sun's ping program can give root access to local users. | |||||
CVE-2001-1153 | 1 Caldera | 1 Openunix | 2024-02-04 | 7.2 HIGH | N/A |
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument. | |||||
CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2024-02-04 | 1.2 LOW | N/A |
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | |||||
CVE-2001-1031 | 1 Charles Clark | 1 Meteor Ftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command. | |||||
CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2024-02-04 | 5.0 MEDIUM | N/A |
HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | |||||
CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | |||||
CVE-2004-1619 | 1 Akella | 1 Privateers Bounty Age Of Sail Ii | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname. | |||||
CVE-2003-0236 | 1 Mirabilis | 1 Icq | 2024-02-04 | 7.5 HIGH | N/A |
Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers. |