Total: 259231 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2024-02-04 | 7.5 HIGH | N/A |
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||||
CVE-2004-1914 | 2 Francisco Burzi, Shiba-design | 2 Php-nuke, Nukecalendar | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to execute arbitrary SQL commands via the eid parameter. | |||||
CVE-2001-0965 | 1 Glftpd | 1 Glftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters. | |||||
CVE-2001-0063 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. | |||||
CVE-2003-1465 | 1 Phorum | 1 Phorum | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. | |||||
CVE-2003-0669 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 1.2 LOW | N/A |
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users. | |||||
CVE-1999-0979 | 1 Sco | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. | |||||
CVE-2004-2057 | 1 Xlinesoft | 1 Asprunner | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements. | |||||
CVE-2001-1563 | 2 Apache, Hp | 2 Tomcat, Secure Os | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers. | |||||
CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 2.1 LOW | N/A |
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | |||||
CVE-2001-1252 | 1 Pgp | 1 Keyserver | 2024-02-04 | 10.0 HIGH | N/A |
Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory. | |||||
CVE-1999-0077 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Predictable TCP sequence numbers allow spoofing. | |||||
CVE-2002-0977 | 1 Microsoft | 1 File Transfer Manager | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value. | |||||
CVE-2002-1688 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button. | |||||
CVE-2004-0314 | 1 Freewebs | 1 Webzedit | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter. | |||||
CVE-2002-1979 | 1 Watchguard | 3 Legacy Rssa, Soho, Vclass | 2024-02-04 | 7.5 HIGH | N/A |
WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allow remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | |||||
CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2024-02-04 | 2.1 LOW | N/A |
Screen savers in KDE beta 3 allow local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
CVE-2004-0189 | 1 Squid | 1 Squid | 2024-02-04 | 7.5 HIGH | N/A |
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists. |