Total
253945 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0777 | 1 Ipswitch | 1 Imail | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. | |||||
| CVE-2004-1419 | 1 Zeroboard | 1 Zeroboard | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-0999 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files. | |||||
| CVE-2002-1408 | 1 Hp | 2 Openview Emanate Snmp Agent, Vvos | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name. | |||||
| CVE-2002-0235 | 1 Castelle | 1 Faxpress | 2024-02-04 | 7.5 HIGH | N/A |
| Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event. | |||||
| CVE-1999-1142 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user. | |||||
| CVE-2002-1516 | 1 Sgi | 1 Irix | 2024-02-04 | 4.6 MEDIUM | N/A |
| rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2002-1123 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow. | |||||
| CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2024-02-04 | 7.5 HIGH | N/A |
| Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | |||||
| CVE-2004-2082 | 1 Karjasoft | 1 Sami Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | |||||
| CVE-2004-0416 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
| Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. | |||||
| CVE-2004-1425 | 1 Moodle | 1 Moodle | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | |||||
| CVE-2000-0702 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file. | |||||
| CVE-2000-0986 | 1 Oracle | 1 Oracle8i | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable. | |||||
| CVE-2003-1245 | 1 Mambo | 1 Mambo Site Server | 2024-02-04 | 10.0 HIGH | N/A |
| index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. | |||||
| CVE-2002-1259 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1286. Reason: This candidate is a reservation duplicate of CVE-2002-1286. Notes: All CVE users should reference CVE-2002-1286 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-1999-1451 | 1 Microsoft | 2 Internet Information Server, Site Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. | |||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | |||||
| CVE-2000-0541 | 1 Panda | 1 Panda Antivirus | 2024-02-04 | 7.2 HIGH | N/A |
| The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command. | |||||
| CVE-2000-0873 | 1 Ibm | 1 Aix | 2024-02-04 | 2.1 LOW | N/A |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||