Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1140 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | N/A |
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. | |||||
CVE-2003-0930 | 1 Clearswift | 1 Mailsweeper | 2024-02-28 | 7.5 HIGH | N/A |
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. | |||||
CVE-2003-1191 | 1 E107 | 1 E107 | 2024-02-28 | 5.0 MEDIUM | N/A |
chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded. | |||||
CVE-2000-0359 | 1 Acme Labs | 1 Thttpd | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header. | |||||
CVE-2000-0639 | 1 Sean Macguire | 1 Big Brother | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server. | |||||
CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2024-02-28 | 7.5 HIGH | N/A |
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | |||||
CVE-2001-1253 | 1 Com2001 | 1 Alexis Server | 2024-02-28 | 4.6 MEDIUM | N/A |
Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. | |||||
CVE-2002-0335 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request. | |||||
CVE-2004-2196 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2024-02-28 | 5.0 MEDIUM | N/A |
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | |||||
CVE-2000-0781 | 1 Ca | 1 Arcserve Backup | 2024-02-28 | 7.2 HIGH | N/A |
uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved. | |||||
CVE-2002-1047 | 1 Watchguard | 1 Soho Firewall | 2024-02-28 | 7.5 HIGH | N/A |
The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name. | |||||
CVE-2004-0566 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. | |||||
CVE-1999-1344 | 1 Auto Ftp | 1 Auto Ftp | 2024-02-28 | 7.5 HIGH | N/A |
Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file. | |||||
CVE-2000-0609 | 1 Netwin | 2 Cwmail, Dmailweb | 2024-02-28 | 5.0 MEDIUM | N/A |
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter. | |||||
CVE-1999-1371 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. | |||||
CVE-1999-0138 | 7 Apple, Digital, Freebsd and 4 more | 9 A Ux, Osf 1, Freebsd and 6 more | 2024-02-28 | 7.2 HIGH | N/A |
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||||
CVE-2001-1241 | 1 Steve Grimm | 1 Un-cgi | 2024-02-28 | 7.5 HIGH | N/A |
Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name. | |||||
CVE-2002-2035 | 1 Realityscape | 1 Mylogin 2000 | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form. | |||||
CVE-2002-1944 | 1 Motorola | 1 Surfboard | 2024-02-28 | 5.0 MEDIUM | N/A |
Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap. | |||||
CVE-2000-0137 | 1 Cartit | 1 Cartit | 2024-02-28 | 7.5 HIGH | N/A |
The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |