Total
253940 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0210 | 1 Tolis Group | 1 Bru | 2024-02-04 | 7.2 HIGH | N/A |
| setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file. | |||||
| CVE-1999-0880 | 2 Bsdi, Caldera | 2 Bsd Os, Openlinux | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. | |||||
| CVE-2004-0299 | 1 Smallftpd | 1 Smallftpd | 2024-02-04 | 2.1 LOW | N/A |
| Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash) characters. | |||||
| CVE-1999-1289 | 1 Mirabilis | 1 Icq | 2024-02-04 | 7.5 HIGH | N/A |
| ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. | |||||
| CVE-2002-0160 | 1 Cisco | 1 Secure Access Control Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002. | |||||
| CVE-2000-0343 | 1 Brecht Claerhout | 1 Sniffit | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header. | |||||
| CVE-2004-0219 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2004-2072 | 1 Mambo | 1 Mambo Open Source | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter. | |||||
| CVE-2003-1491 | 1 Kerio | 1 Personal Firewall | 2024-02-04 | 7.5 HIGH | N/A |
| Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. | |||||
| CVE-2004-1862 | 1 Xmb Forum | 1 Xmb | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, (4) message or icons parameter to post.php, (5) threadlist, pagelinks, forumlist, navigation, or (6) forumdisplay parameter to forumdisplay.php. | |||||
| CVE-2001-1220 | 1 D-link | 1 Dwl-1000ap | 2024-02-04 | 10.0 HIGH | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | |||||
| CVE-2001-1505 | 1 Tinc | 1 Tinc | 2024-02-04 | 5.0 MEDIUM | N/A |
| tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets. | |||||
| CVE-2002-1837 | 1 Ids | 1 Ids | 2024-02-04 | 5.0 MEDIUM | N/A |
| The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not. | |||||
| CVE-2003-1102 | 1 Hummingbird | 1 Cyberdocs | 2024-02-04 | 5.0 MEDIUM | N/A |
| Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code. | |||||
| CVE-2002-1754 | 1 Novell | 1 Netware Client | 2024-02-04 | 2.1 LOW | N/A |
| Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. | |||||
| CVE-2004-1456 | 1 Cvstrac | 1 Cvstrac | 2024-02-04 | 7.5 HIGH | N/A |
| filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo. | |||||
| CVE-2002-1642 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.2 HIGH | N/A |
| PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command. | |||||
| CVE-2003-1256 | 1 E-theni | 1 E-theni | 2024-02-04 | 6.8 MEDIUM | N/A |
| aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | |||||
| CVE-2004-0788 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2024-02-04 | 5.0 MEDIUM | N/A |
| Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file. | |||||
| CVE-2003-1411 | 1 Isoca | 1 Cedric Email Reader | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter. | |||||