Total
253942 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0463 | 1 L0pht | 1 L0phtcrack | 2024-02-04 | 5.0 MEDIUM | N/A |
Remote attackers can perform a denial of service using IRIX fcagent. | |||||
CVE-2003-0990 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2024-02-04 | 7.5 HIGH | N/A |
The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field. | |||||
CVE-2004-1504 | 1 Salims Softhouse | 1 Jaf Cms | 2024-02-04 | 5.0 MEDIUM | N/A |
The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to gain sensitive information via a blank show parameter, which reveals the installation path in an error message, as demonstrated using index.php. | |||||
CVE-2002-1233 | 1 Apache | 1 Http Server | 2024-02-04 | 2.6 LOW | N/A |
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131. | |||||
CVE-2000-0688 | 1 Cgi Script Center | 1 Subscribe Me Lite | 2024-02-04 | 7.5 HIGH | N/A |
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter. | |||||
CVE-1999-0475 | 1 Procmail | 1 Procmail | 2024-02-04 | 1.2 LOW | N/A |
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail. | |||||
CVE-2001-0980 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2024-02-04 | 7.5 HIGH | N/A |
docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page. | |||||
CVE-2001-0631 | 1 Centrinity | 1 Centrinity Firstclass | 2024-02-04 | 5.0 MEDIUM | N/A |
Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users. | |||||
CVE-1999-0255 | 2024-02-04 | 10.0 HIGH | N/A | ||
Buffer overflow in ircd allows arbitrary command execution. | |||||
CVE-2004-0596 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference. | |||||
CVE-2002-1402 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-1999-0163 | 1 Eric Allman | 1 Sendmail | 2024-02-04 | 7.2 HIGH | N/A |
In older versions of Sendmail, an attacker could use a pipe character to execute root commands. | |||||
CVE-2004-0656 | 1 Pureftpd | 1 Pureftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections. | |||||
CVE-1999-0326 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in HP-UX mediainit program. | |||||
CVE-2000-1061 | 1 Microsoft | 1 Ie | 2024-02-04 | 5.1 MEDIUM | N/A |
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. | |||||
CVE-2000-0723 | 1 Helix Code | 1 Gnome Installer | 2024-02-04 | 1.2 LOW | N/A |
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config. | |||||
CVE-2002-0232 | 1 Mrtg | 1 Multi Router Traffic Grapher Cgi | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi. | |||||
CVE-2004-1673 | 1 Icewarp | 1 Web Mail | 2024-02-04 | 7.5 HIGH | N/A |
accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter. | |||||
CVE-2004-1596 | 1 3com | 1 3cradsl72 | 2024-02-04 | 7.5 HIGH | N/A |
The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive information such as passwords and router settings via a direct HTTP request to app_sta.stm. | |||||
CVE-2003-0189 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. |