Total
253940 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1453 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. | |||||
CVE-2004-2201 | 1 Duware | 1 Duforum | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form. | |||||
CVE-1999-1154 | 1 Lakeweb | 1 Filemail Cgi Script | 2024-02-04 | 7.5 HIGH | N/A |
LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
CVE-1999-1341 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||||
CVE-1999-1559 | 1 Alcatel | 1 Omniswitch | 2024-02-04 | 5.0 MEDIUM | N/A |
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. | |||||
CVE-2004-1508 | 1 Webcalendar | 1 Webcalendar | 2024-02-04 | 7.5 HIGH | N/A |
init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter. | |||||
CVE-2004-0677 | 1 Fastream | 1 Netfile Ftp Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive ("A"). | |||||
CVE-2002-1731 | 1 Ibm | 1 Os 400 | 2024-02-04 | 2.1 LOW | N/A |
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. | |||||
CVE-1999-0742 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
The Debian mailman package uses weak authentication, which allows attackers to gain privileges. | |||||
CVE-2004-1516 | 1 Phpwebsite | 1 Phpwebsite | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module. | |||||
CVE-2002-1931 | 1 Php Arena | 1 Pafiledb | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string. | |||||
CVE-2004-1992 | 1 Solarwinds | 1 Serv-u File Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. | |||||
CVE-2004-2003 | 1 Delegate | 1 Delegate | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | |||||
CVE-2000-0899 | 1 Max Feoktistov | 1 Small Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests. | |||||
CVE-2002-0499 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories. | |||||
CVE-1999-1499 | 1 Isc | 1 Bind | 2024-02-04 | 2.1 LOW | N/A |
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||
CVE-2002-1168 | 1 Ibm | 1 Websphere Caching Proxy Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response. | |||||
CVE-1999-0665 | 2024-02-04 | 10.0 HIGH | N/A | ||
An application-critical Windows NT registry key has an inappropriate value. | |||||
CVE-2003-1466 | 1 Phorum | 1 Phorum | 2024-02-04 | 7.5 HIGH | N/A |
Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php. | |||||
CVE-2002-0011 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 5.0 MEDIUM | N/A |
Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login. |