Vulnerabilities (CVE)

Total 260444 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3
CVE-2002-0932 | 1 Luis Bernardo | 1 MyHelpDesk | 2024-02-04 | 6.4 MEDIUM | N/A
SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog.
CVE-2001-1241 | 1 Steve Grimm | 1 Un-CGI | 2024-02-04 | 7.5 HIGH | N/A
Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name.
CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2024-02-04 | 7.5 HIGH | N/A
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
CVE-2003-0906 | 1 Microsoft | 3 Windows 2000, Windows NT, Windows XP | 2024-02-04 | 7.6 HIGH | N/A
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
CVE-2001-0004 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A
IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability.
CVE-1999-0974 | 1 Sun | 2 Solaris, SunOS | 2024-02-04 | 10.0 HIGH | N/A
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVE-2004-1473 | 1 Symantec | 12 Firewall VPN Appliance 100, Firewall VPN Appliance 200, Firewall VPN Appliance 200R and 9 more | 2024-02-04 | 5.0 MEDIUM | N/A
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
CVE-2004-0296 | 1 Transsoft | 1 Broker FTP Server | 2024-02-04 | 5.0 MEDIUM | N/A
TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an exception by opening and immediately closing a connection.
CVE-1999-0191 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 6.4 MEDIUM | N/A
IIS newdsn.exe CGI script allows remote users to overwrite files.
CVE-2000-1060 | 1 XFree86 Project | 1 XFCE | 2024-02-04 | 4.6 MEDIUM | N/A
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.
CVE-2001-1390 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 6.2 MEDIUM | N/A
Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages.
CVE-2004-1549 | 1 Onnuri Infotek | 1 ActivePost Standard | 2024-02-04 | 5.0 MEDIUM | N/A
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection.
CVE-2001-0409 | 1 Vim Development Group | 1 Vim | 2024-02-04 | 2.1 LOW | N/A
vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.
CVE-1999-0312 | 1 HP | 1 HP-UX | 2024-02-04 | 5.0 MEDIUM | N/A
HP ypbind allows attackers with root privileges to modify NIS data.
CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page CGI | 2024-02-04 | 7.5 HIGH | N/A
page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter.
CVE-2003-1553 | 1 SIPS | 1 SIPS | 2024-02-04 | 4.3 MEDIUM | N/A
Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory.
CVE-2000-0729 | 1 FreeBSD | 1 FreeBSD | 2024-02-04 | 2.1 LOW | N/A
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
CVE-2002-1553 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-04 | 7.5 HIGH | N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist.
CVE-2004-0583 | 3 Debian, Usermin, Webmin | 3 Debian Linux, Usermin, Webmin | 2024-02-04 | 5.0 MEDIUM | N/A
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
CVE-2004-1352 | 1 Sun | 2 Solaris, SunOS | 2024-02-04 | 7.2 HIGH | N/A
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.