Total
256646 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1539 | 1 Alt-n | 1 Mdaemon | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments. | |||||
CVE-2001-0899 | 2 Phpnuke, Rick Fournier | 2 Php-nuke, Network Tools | 2024-02-04 | 7.5 HIGH | N/A |
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable. | |||||
CVE-2003-0416 | 1 Bandmin | 1 Bandmin | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to insert arbitrary HTML or script via (1) the year parameter in a showmonth action, (2) the month parameter in a showmonth action, or (3) the host parameter in a showhost action. | |||||
CVE-2004-2197 | 1 Kdocker | 1 Kdocker | 2024-02-04 | 7.2 HIGH | N/A |
kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs. | |||||
CVE-2000-1015 | 1 Open Source Development Network | 1 Slashcode | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands. | |||||
CVE-2003-0737 | 1 Phpwebsite | 1 Phpwebsite | 2024-02-04 | 5.0 MEDIUM | N/A |
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library. | |||||
CVE-2000-0852 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges. | |||||
CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | |||||
CVE-1999-0841 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. | |||||
CVE-2000-1017 | 1 Webteacher | 1 Webdata | 2024-02-04 | 5.0 MEDIUM | N/A |
Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database. | |||||
CVE-2001-0179 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." | |||||
CVE-2004-1466 | 1 Gallery Project | 1 Gallery | 2024-02-04 | 7.5 HIGH | N/A |
The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote attackers to upload and execute execute arbitrary scripts before they are deleted, if the temporary directory is under the web root. | |||||
CVE-2001-0754 | 1 Cisco | 1 Cbos | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | |||||
CVE-2002-0139 | 1 Pi-soft | 1 Spoonftp | 2024-02-04 | 7.5 HIGH | N/A |
Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | |||||
CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | |||||
CVE-2003-0629 | 1 Peoplesoft | 1 Peopletools | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript. | |||||
CVE-2002-0025 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, which allows remote attackers to modify which application is used to process a document. | |||||
CVE-2002-0886 | 1 Cisco | 1 Cbos | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | |||||
CVE-1999-0431 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. | |||||
CVE-2003-0112 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. |