Total: 253878 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
---|---|---|---|---|---|---|
CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 4.6 MEDIUM | N/A | IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. |
CVE-2004-0002 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 10.0 HIGH | N/A | The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. |
CVE-1999-1061 | 1 Hp | 1 Jetdirect | 2024-02-04 | 7.5 HIGH | N/A | HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. |
CVE-2002-2256 | 1 Pwins | 1 Pwins | 2024-02-04 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters. |
CVE-1999-0079 | 1 Bisonware | 1 Bisonware Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A | Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. |
CVE-2003-1351 | 1 Greg Billock | 1 Edittag | 2024-02-04 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. |
CVE-2002-0441 | 1 Jerrett Taylor | 1 Php Imglist | 2024-02-04 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter. |
CVE-1999-1399 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A | spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. |
CVE-2002-2050 | 1 Modlogan | 1 Modlogan | 2024-02-04 | 2.1 LOW | N/A | Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry. |
CVE-2001-0040 | 1 Apc | 1 Apcupsd | 2024-02-04 | 2.1 LOW | N/A | APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file. |
CVE-2002-1658 | 1 Apache | 1 Http Server | 2024-02-04 | 4.6 MEDIUM | N/A | Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. |
CVE-2002-2243 | 1 Akfingerd | 1 Akfingerd | 2024-02-04 | 5.0 MEDIUM | N/A | Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it. |
CVE-2004-1615 | 1 Opera | 1 Opera Browser | 2024-02-04 | 2.6 LOW | N/A | Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme. |
CVE-2004-0811 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A | Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration. |
CVE-2002-0978 | 1 Microsoft | 1 File Transfer Manager | 2024-02-04 | 5.0 MEDIUM | N/A | Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function. |
CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2024-02-04 | 7.5 HIGH | N/A | XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. |
CVE-2002-1490 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A | NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. |
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2024-02-04 | 5.0 MEDIUM | N/A | Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. |
CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2024-02-04 | 7.5 HIGH | N/A | SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. |
CVE-2004-0543 | 1 Oracle | 2 Applications, E-business Suite | 2024-02-04 | 10.0 HIGH | N/A | Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. |