Total: 28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0089 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | |||||
CVE-2001-0530 | 1 Spearhead | 2 Netgap 200, Netgap 300 | 2024-02-28 | 5.0 MEDIUM | N/A |
Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters. | |||||
CVE-2003-1039 | 1 Sap | 1 Mysap Business Suite | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server. | |||||
CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | |||||
CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | |||||
CVE-1999-1455 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host. | |||||
CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. | |||||
CVE-2004-2184 | 1 Digicraft Software | 1 Yak | 2024-02-28 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put. | |||||
CVE-1999-0983 | 1 Internic | 1 Whois Lookup | 2024-02-28 | 7.5 HIGH | N/A |
Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. | |||||
CVE-2001-0105 | 1 Hp | 1 Hp-ux | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group. | |||||
CVE-2004-1723 | 1 Php Fusion | 1 Php Fusion | 2024-02-28 | 5.0 MEDIUM | N/A |
The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message. | |||||
CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | |||||
CVE-2001-0739 | 1 Engardelinux | 1 Secure Linux | 2024-02-28 | 7.2 HIGH | N/A |
Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges. | |||||
CVE-2004-0057 | 1 Lbl | 1 Tcpdump | 2024-02-28 | 5.0 MEDIUM | N/A |
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. | |||||
CVE-2001-0263 | 1 Gene6 | 1 G6 Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled. | |||||
CVE-2002-1686 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in lscfg of unknown versions of AIX has unknown impact. | |||||
CVE-2004-1654 | 1 Phpwebsite | 1 Phpwebsite | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template. | |||||
CVE-2004-1839 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message. | |||||
CVE-2002-0883 | 1 Compaq | 1 Proliant Bl E-class Integrated Administrator Firmware | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. | |||||
CVE-2002-1778 | 1 Symantec | 1 Norton Personal Firewall | 2024-02-28 | 7.5 HIGH | N/A |
Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. |