Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0192 | 1 Davide Libenzi | 1 Xmail | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. | |||||
CVE-1999-0141 | 1 Netscape | 1 Navigator | 2024-02-28 | 3.7 LOW | N/A |
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. | |||||
CVE-1999-1539 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password. | |||||
CVE-2003-0338 | 1 Wsmp3 | 2 Wsmp3 Daemon, Wsmp3 Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. | |||||
CVE-2002-1583 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | |||||
CVE-2000-0758 | 1 Lyris | 1 List Manager | 2024-02-28 | 4.6 MEDIUM | N/A |
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field. | |||||
CVE-2002-1247 | 2 Kde, Lisa | 3 Kde, Klisa, Lisa | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | |||||
CVE-2004-0319 | 1 Ezboard | 1 Ezboard | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument. | |||||
CVE-2004-1715 | 1 Clearswift | 1 Mimesweeper For Web | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL. | |||||
CVE-2002-1177 | 1 Nullsoft | 1 Winamp | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag. | |||||
CVE-1999-0817 | 1 University Of Kansas | 1 Lynx | 2024-02-28 | 10.0 HIGH | N/A |
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. | |||||
CVE-2001-1342 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer. | |||||
CVE-2004-1463 | 1 Moinmoin | 1 Moinmoin | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lists (ACL), has unknown impact. | |||||
CVE-1999-1267 | 1 Kde | 1 Kde | 2024-02-28 | 5.0 MEDIUM | N/A |
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | |||||
CVE-2001-0705 | 1 Arcadia | 1 Arcadia Internet Store | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. | |||||
CVE-1999-0632 | 2024-02-28 | N/A | N/A | ||
The RPC portmapper service is running. | |||||
CVE-2002-2214 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | |||||
CVE-2000-0725 | 1 Zope | 1 Zope | 2024-02-28 | 7.2 HIGH | N/A |
Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request. | |||||
CVE-2004-0253 | 1 Ibm | 1 Cloudscape | 2024-02-28 | 10.0 HIGH | N/A |
IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability. | |||||
CVE-2002-2027 | 1 Doow | 1 Doow | 2024-02-28 | 7.5 HIGH | N/A |
Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities. |