Total
253964 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0874 | 1 Redhat | 1 Interchange | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files. | |||||
CVE-1999-1340 | 1 Hylafax | 1 Hylafax | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument. | |||||
CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
Vacation program allows command execution by remote users through a sendmail command. | |||||
CVE-1999-0303 | 4 Digital, Netbsd, Openbsd and 1 more | 5 Osf 1, Netbsd, Openbsd and 2 more | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. | |||||
CVE-2000-0215 | 1 Sco | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. | |||||
CVE-2002-2403 | 1 Key Focus | 1 Kf Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences. | |||||
CVE-2003-0755 | 1 Gtkftpd | 1 Gtkftp | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command. | |||||
CVE-2001-0211 | 1 Silverplatter | 1 Webspirs | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter. | |||||
CVE-2002-0086 | 1 Ibm | 1 Lotus Domino | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. | |||||
CVE-2000-1171 | 1 Markus Triska | 1 Cgiforum | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter. | |||||
CVE-1999-1055 | 1 Microsoft | 1 Excel | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability." | |||||
CVE-2002-0484 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | |||||
CVE-2002-1129 | 2 Compaq, Digital | 2 Tru64, Osf 1 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. | |||||
CVE-2003-0511 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL. | |||||
CVE-2002-1227 | 1 Pam | 1 Pam | 2024-02-04 | 7.5 HIGH | N/A |
PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users. | |||||
CVE-2002-2165 | 1 Imho | 1 Imho Webmail | 2024-02-04 | 2.1 LOW | N/A |
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox. | |||||
CVE-2002-1705 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight. | |||||
CVE-2003-0624 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter. | |||||
CVE-2002-0954 | 1 Cisco | 1 Pix Firewall | 2024-02-04 | 7.5 HIGH | N/A |
The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | |||||
CVE-2002-0246 | 1 Caldera | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint. |