Total: 253921 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0468 | 2 Conectiva, Wietse Venema | 2 Linux, Postfix | 2024-02-04 | 5.0 MEDIUM | N/A |
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDoS attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port. | |||||
CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2024-02-04 | 10.0 HIGH | N/A |
The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2024-02-04 | 7.5 HIGH | N/A |
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-2002-1541 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 7.5 HIGH | N/A |
BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash). | |||||
CVE-2002-0413 | 1 Rebb | 1 Rebb | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script. | |||||
CVE-2003-0363 | 1 Licq | 1 Licq | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers. | |||||
CVE-1999-0286 | | | 2024-02-04 | 10.0 HIGH | N/A |
In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages. | |||||
CVE-2002-1190 | 1 Cisco | 1 Unity Server | 2024-02-04 | 7.5 HIGH | N/A |
Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls. | |||||
CVE-2000-0699 | 1 Hp | 1 Hp-ux | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command. | |||||
CVE-2003-0781 | 1 Ecartis | 1 Ecartis | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords. | |||||
CVE-2000-1022 | 1 Cisco | 1 Pix Firewall Software | 2024-02-04 | 7.5 HIGH | N/A |
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands. | |||||
CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.7 LOW | N/A |
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||||
CVE-2004-1928 | 1 Tiki | 1 Tikiwiki Cms/groupware | 2024-02-04 | 7.5 HIGH | N/A |
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL. | |||||
CVE-1999-1422 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. | |||||
CVE-1999-1167 | 1 Third Voice | 1 Third Voice Web | 2024-02-04 | 6.4 MEDIUM | N/A |
Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. | |||||
CVE-1999-0243 | | | 2024-02-04 | 10.0 HIGH | N/A |
Linux cfingerd could be exploited to gain root access. | |||||
CVE-1999-1419 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges. | |||||
CVE-2003-0743 | 1 University Of Cambridge | 1 Exim | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer. | |||||
CVE-1999-1095 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort. | |||||
CVE-2004-0555 | 1 Gnu | 1 Queue | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code. |