Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0113 | 1 Omnicron | 1 Omnihttpd | 2024-02-28 | 10.0 HIGH | N/A |
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. | |||||
CVE-2000-0463 | 1 Be | 1 Beos | 2024-02-28 | 5.0 MEDIUM | N/A |
BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
CVE-2004-0403 | 1 Kame | 1 Racoon | 2024-02-28 | 5.0 MEDIUM | N/A |
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | |||||
CVE-2003-0931 | 1 Sygate Technologies | 1 Enforcer | 2024-02-28 | 5.0 MEDIUM | N/A |
Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999. | |||||
CVE-2002-0114 | 1 Emc | 1 Networker | 2024-02-28 | 4.6 MEDIUM | N/A |
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | |||||
CVE-2002-0502 | 1 Citrix | 1 Nfuse | 2024-02-28 | 5.0 MEDIUM | N/A |
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | |||||
CVE-2004-0131 | 1 Gnu | 1 Radius | 2024-02-28 | 5.0 MEDIUM | N/A |
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | |||||
CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2024-02-28 | 5.1 MEDIUM | N/A |
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
CVE-2000-0042 | 1 Csm | 1 Mail Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | |||||
CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
CVE-2003-0676 | 1 Sun | 2 Iplanet Directory Server, One Directory Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | |||||
CVE-2002-1064 | 1 T. Hauck | 1 Jana Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server. | |||||
CVE-2004-2010 | 1 Phpshop | 1 Phpshop | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg. | |||||
CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2024-02-28 | 10.0 HIGH | N/A |
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | |||||
CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
CVE-2002-2209 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | |||||
CVE-1999-0935 | 2024-02-28 | 10.0 HIGH | N/A | ||
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | |||||
CVE-2000-0500 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. | |||||
CVE-2000-0710 | 1 Microsoft | 1 Frontpage | 2024-02-28 | 5.0 MEDIUM | N/A |
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name. | |||||
CVE-2003-0203 | 2 Moxftp, Xftp | 2 Moxftp, Xftp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. |