Total
258808 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0154 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments. | |||||
| CVE-2002-2389 | 1 Fastlink Software | 1 The Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files. | |||||
| CVE-1999-0774 | 1 Martin Stover | 1 Mars Nwe | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names. | |||||
| CVE-2003-0218 | 1 Monkey-project | 1 Monkey | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body. | |||||
| CVE-2000-0226 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability." | |||||
| CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2024-02-04 | 4.6 MEDIUM | N/A |
| BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | |||||
| CVE-2001-0060 | 1 Stunnel | 1 Stunnel | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username. | |||||
| CVE-2001-1282 | 1 Ipswitch | 1 Imail | 2024-02-04 | 5.0 MEDIUM | N/A |
| Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. | |||||
| CVE-2002-0777 | 1 Ipswitch | 1 Imail | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. | |||||
| CVE-2004-1419 | 1 Zeroboard | 1 Zeroboard | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-0999 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files. | |||||
| CVE-2002-1408 | 1 Hp | 2 Openview Emanate Snmp Agent, Vvos | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name. | |||||
| CVE-2002-0235 | 1 Castelle | 1 Faxpress | 2024-02-04 | 7.5 HIGH | N/A |
| Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event. | |||||
| CVE-1999-1142 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user. | |||||
| CVE-2002-1516 | 1 Sgi | 1 Irix | 2024-02-04 | 4.6 MEDIUM | N/A |
| rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2002-1123 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow. | |||||
| CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2024-02-04 | 7.5 HIGH | N/A |
| Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | |||||
| CVE-2004-2082 | 1 Karjasoft | 1 Sami Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | |||||
| CVE-2004-0416 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
| Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. | |||||
| CVE-2004-1425 | 1 Moodle | 1 Moodle | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | |||||