Vulnerabilities (CVE)

Filtered by CWE-20
Total 9842 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-2365 1 Springer Verlag Berlin Heidelberg 1 Simple Wais 2024-02-28 10.0 HIGH N/A
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character.
CVE-2003-1416 1 Bisonftp 1 Bisonftp Server 4 2024-02-28 4.3 MEDIUM N/A
BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command.
CVE-2001-0566 1 Cisco 1 Catalyst 2900 2024-02-28 5.0 MEDIUM N/A
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
CVE-2002-2325 1 University Of Washington 1 Pine 2024-02-28 7.8 HIGH N/A
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.
CVE-2002-2423 1 Sendmail 1 Sendmail 2024-02-28 6.4 MEDIUM N/A
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
CVE-2003-1490 1 Sonicwall 3 Pro100, Pro200, Pro300 2024-02-28 7.8 HIGH N/A
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow.
CVE-2002-2236 1 Apt-www-proxy 1 Apt-www-proxy 2024-02-28 10.0 HIGH N/A
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code.
CVE-2001-0748 1 Acme Labs 1 Acme Server 2024-02-28 5.0 MEDIUM N/A
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.
CVE-2002-2239 1 Cisco 3 Catalyst 6500, Catalyst 7600, Ios 2024-02-28 7.8 HIGH N/A
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
CVE-2002-1359 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2024-02-28 10.0 HIGH N/A
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
CVE-2003-1419 1 Netscape 1 Navigator 2024-02-28 4.3 MEDIUM N/A
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
CVE-2002-2322 1 Ultimate Php Board 1 Ultimate Php Board 2024-02-28 5.0 MEDIUM N/A
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
CVE-2004-0244 1 Cisco 1 Ios 2024-02-28 4.7 MEDIUM N/A
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
CVE-1999-0918 1 Microsoft 4 Windows 2000, Windows 95, Windows 98 and 1 more 2024-02-28 7.8 HIGH N/A
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
CVE-2002-2371 1 Linksys 1 Wet11 2024-02-28 7.8 HIGH N/A
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
CVE-2002-2420 1 Independent Solution 2 Simple Site Searcher, Super Site Searcher 2024-02-28 7.5 HIGH N/A
site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
CVE-2002-2406 1 Perception 1 Liteserve 2024-02-28 5.0 MEDIUM N/A
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request.
CVE-2003-0795 3 Gnu, Quagga, Sgi 3 Zebra, Quagga, Propack 2024-02-28 5.0 MEDIUM N/A
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
CVE-1999-0999 1 Microsoft 1 Sql Server 2024-02-28 4.3 MEDIUM N/A
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
CVE-2002-2228 1 Mailscanner 1 Mailscanner 2024-02-28 6.4 MEDIUM N/A
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner.