Total
256628 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2123 | 1 Gallery Project | 1 Gallery | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter. | |||||
CVE-2000-0290 | 1 4d | 1 Webstar Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. | |||||
CVE-2002-1951 | 1 Goahead Software | 1 Goahead Webserver | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. | |||||
CVE-1999-0315 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Solaris fdformat command gives root access to local users. | |||||
CVE-1999-1108 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1107. Reason: This candidate is a duplicate of CVE-1999-1107. Notes: All CVE users should reference CVE-1999-1107 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2004-2098 | 1 Native Solutions | 1 Tbe Banner Engine | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary script as other users via the HTML banner view/preview capability. | |||||
CVE-2002-2026 | 1 Browseftp | 1 Browseftp Client | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply. | |||||
CVE-1999-0145 | 1 Eric Allman | 1 Sendmail | 2024-02-04 | 7.2 HIGH | N/A |
Sendmail WIZ command enabled, allowing root access. | |||||
CVE-2004-1800 | 1 Sysbotz | 1 Simpledata | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attackers to gain access via a crafted URL and a certain cookie. | |||||
CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2024-02-04 | N/A | N/A |
A version of finger is running that exposes valid user information to any entity on the network. | |||||
CVE-2004-2243 | 1 Phorum | 1 Phorum | 2024-02-04 | 7.5 HIGH | N/A |
Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. NOTE: the affected version was reported to be 4.3.7, but this may be erroneous. | |||||
CVE-2001-0077 | 1 Sun | 1 Cluster | 2024-02-04 | 5.0 MEDIUM | N/A |
The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations. | |||||
CVE-2000-1046 | 1 Lotus | 1 Domino | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2024-02-04 | 7.5 HIGH | N/A |
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||||
CVE-2003-0172 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. | |||||
CVE-2002-0556 | 1 Deep Forest Software | 1 Quik-serv Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
CVE-2003-0565 | 2024-02-04 | 5.0 MEDIUM | N/A | ||
Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.6 MEDIUM | N/A |
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | |||||
CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2024-02-04 | 7.5 HIGH | N/A |
display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | |||||
CVE-1999-1441 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it. |