Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1152 | 1 Infrontech | 1 Webtide | 2024-02-28 | 5.0 MEDIUM | N/A |
WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | |||||
CVE-1999-1178 | 1 Sambar | 1 Sambar Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. | |||||
CVE-2002-0545 | 1 Cisco | 2 Aironet Ap340, Aironet Ap350 | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. | |||||
CVE-2004-1679 | 1 Jigunet | 2 Twinftp Enterprise, Twinftp Standard | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (triple dot) in the (1) CWD, (2) STOR, or (3) RETR commands. | |||||
CVE-2003-0927 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. | |||||
CVE-1999-1464 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | |||||
CVE-2004-1641 | 1 South River Technologies | 1 Titan Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. | |||||
CVE-2001-0293 | 1 Datawizard | 1 Ftpxq | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command. | |||||
CVE-1999-0160 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||||
CVE-2003-0970 | 1 Sun | 1 Sun Fire | 2024-02-28 | 5.0 MEDIUM | N/A |
The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled. | |||||
CVE-1999-0078 | 10 Bsdi, Freebsd, Hp and 7 more | 11 Bsd Os, Freebsd, Hp-ux and 8 more | 2024-02-28 | 1.9 LOW | N/A |
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | |||||
CVE-2002-1673 | 1 Webmin | 1 Webmin | 2024-02-28 | 3.6 LOW | N/A |
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file. | |||||
CVE-2001-0016 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. | |||||
CVE-2002-0408 | 1 Lotus | 1 Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message. | |||||
CVE-2003-0934 | 1 Symbol Technologies | 1 Pdt | 2024-02-28 | 4.6 MEDIUM | N/A |
Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network. | |||||
CVE-2002-1707 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 5.0 MEDIUM | N/A |
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2002-1179 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. | |||||
CVE-2004-0766 | 1 Ngsec | 1 Stackdefender | 2024-02-28 | 5.0 MEDIUM | N/A |
NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions. | |||||
CVE-2000-0802 | 1 Pgp | 1 Personal Privacy | 2024-02-28 | 3.6 LOW | N/A |
The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR. | |||||
CVE-2000-0893 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. |