Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1688 | 1 Tech-noel | 1 Pigeon Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103. | |||||
CVE-2000-0303 | 1 Id Software | 1 Quake 3 Arena | 2024-02-28 | 6.4 MEDIUM | N/A |
Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. | |||||
CVE-2000-0733 | 1 Sgi | 1 Irix | 2024-02-28 | 10.0 HIGH | N/A |
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. | |||||
CVE-2001-0920 | 1 Patrick Schemitz | 1 Autonice Daemon | 2024-02-28 | 6.2 MEDIUM | N/A |
Format string vulnerability in auto nice daemon (AND) 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string. | |||||
CVE-2004-1543 | 1 Korweblog | 1 Korweblog | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter. | |||||
CVE-2000-0064 | 1 Nortel | 1 Contivity | 2024-02-28 | 5.0 MEDIUM | N/A |
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | |||||
CVE-2003-0589 | 1 Digi-fx | 1 Digi-news | 2024-02-28 | 10.0 HIGH | N/A |
admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | |||||
CVE-2002-1250 | 1 Abuse | 1 Abuse | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument. | |||||
CVE-2002-0379 | 1 University Of Washington | 1 Uw-imap | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request. | |||||
CVE-2002-1570 | 1 Ucd-snmp | 1 Ucd-snmp | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. | |||||
CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-02-28 | 2.1 LOW | N/A |
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | |||||
CVE-2004-2108 | 1 Quadcomm | 1 Q-shop | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp. | |||||
CVE-1999-1140 | 1 Alec Muffet | 1 Cracklib | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field. | |||||
CVE-2001-0220 | 2 Ja-elvis, Ko-helvis | 2 Ja-elvis, Ko-helvis | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges. | |||||
CVE-2002-0037 | 1 Ibm | 1 Lotus Domino Server | 2024-02-28 | 7.5 HIGH | N/A |
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. | |||||
CVE-2001-0505 | 1 Microsoft | 1 Services | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple memory leaks in Microsoft Services for Unix 2.0 allow remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed requests to (1) the Telnet service, or (2) the NFS service. | |||||
CVE-2004-0035 | 1 Phorum | 1 Phorum | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the hide_email parameter. | |||||
CVE-2001-0382 | 1 Broadcom | 1 Ccc Harvest | 2024-02-28 | 7.5 HIGH | N/A |
Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application. | |||||
CVE-1999-0296 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Solaris volrmmount program allows attackers to read any file. | |||||
CVE-2004-1944 | 1 Qualcomm | 1 Eudora | 2024-02-28 | 5.0 MEDIUM | N/A |
Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message. |