Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1320 | 1 University Of Washington | 1 Pine | 2024-02-28 | 5.0 MEDIUM | N/A |
Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). | |||||
CVE-2002-0439 | 1 Caupo.net | 1 Cauposhop | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field. | |||||
CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | |||||
CVE-2001-1394 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service. | |||||
CVE-2004-2259 | 1 Beasts | 1 Vsftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | |||||
CVE-2004-0392 | 1 Kame | 1 Racoon | 2024-02-28 | 5.0 MEDIUM | N/A |
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields. | |||||
CVE-2000-0394 | 1 Axent | 1 Netprowler | 2024-02-28 | 5.0 MEDIUM | N/A |
NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. | |||||
CVE-2001-0948 | 1 Valicert | 1 Enterprise Validation Authority | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed. | |||||
CVE-2000-1132 | 1 Dcscripts | 1 Dcforum | 2024-02-28 | 6.4 MEDIUM | N/A |
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable. | |||||
CVE-2002-0597 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 5.0 MEDIUM | N/A |
LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445. | |||||
CVE-2002-0809 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 7.5 HIGH | N/A |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names. | |||||
CVE-2002-2134 | 1 Peel | 1 Peel | 2024-02-28 | 5.0 MEDIUM | N/A |
haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file. | |||||
CVE-2002-0459 | 1 Linux-sottises | 2 Board-tnk, News-tnk | 2024-02-28 | 7.6 HIGH | N/A |
Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | |||||
CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2024-02-28 | 2.1 LOW | N/A |
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | |||||
CVE-2003-1308 | 1 Fvwm | 1 Fvwm | 2024-02-28 | 4.6 MEDIUM | N/A |
CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename. | |||||
CVE-2002-1552 | 1 Novell | 1 Edirectory | 2024-02-28 | 7.5 HIGH | N/A |
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | |||||
CVE-2002-1078 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters. | |||||
CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Linux syslogd via a large number of connections. | |||||
CVE-2003-1022 | 1 Debian | 1 Fsp | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | |||||
CVE-2002-0334 | 1 Xtell | 1 Xtell | 2024-02-28 | 2.1 LOW | N/A |
xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. |