Total
28986 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2021 | 1 Oscommerce | 1 Oscommerce | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument. | |||||
CVE-2001-1322 | 1 Xinetd | 1 Xinetd | 2024-02-28 | 3.6 LOW | N/A |
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask. | |||||
CVE-2004-1124 | 1 Sco | 2 Openserver, Unixware | 2024-02-28 | 4.6 MEDIUM | N/A |
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. | |||||
CVE-2004-0152 | 1 Emil | 1 Emil | 2024-02-28 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames. | |||||
CVE-2002-1592 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. | |||||
CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2024-02-28 | 5.0 MEDIUM | N/A |
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | |||||
CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | |||||
CVE-2001-1406 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 2.1 LOW | N/A |
process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent. | |||||
CVE-1999-1362 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. | |||||
CVE-2002-0304 | 1 Summit Computer Networks | 1 Lil Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request. | |||||
CVE-2004-0547 | 1 Postgresql | 1 Postgresql | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash). | |||||
CVE-2000-0987 | 1 Oracle | 2 Internet Directory, Oracle8i | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | |||||
CVE-2004-1186 | 1 Gnu | 1 Enscript | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash). | |||||
CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2024-02-28 | 4.3 MEDIUM | N/A |
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
CVE-2004-1704 | 1 Wire Plastic Design | 1 Wpquiz | 2024-02-28 | 7.5 HIGH | N/A |
WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory. | |||||
CVE-2004-2153 | 1 Real Estate Management Software | 1 Real Estate Management Software | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors. | |||||
CVE-2002-1677 | 1 Mrtg | 1 Mrtgconfig | 2024-02-28 | 5.0 MEDIUM | N/A |
14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine the physical path to the web root directory via a request with an invalid cfg parameter, which generates an error message that reveals the path. | |||||
CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2024-02-28 | 5.0 MEDIUM | N/A |
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
CVE-2002-2106 | 1 Wikkitikkitavi | 1 Wikkitikkitavi | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php. | |||||
CVE-2001-0288 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. |