Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1510 | 1 Bisonware | 1 Bisonware Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands. | |||||
CVE-2000-0333 | 2 Ethereal Group, Lbl | 2 Ethereal, Tcpdump | 2024-02-28 | 5.0 MEDIUM | N/A |
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet. | |||||
CVE-2000-1230 | 1 Phorum | 1 Phorum | 2024-02-28 | 5.0 MEDIUM | N/A |
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman". | |||||
CVE-1999-0575 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. | |||||
CVE-2002-0528 | 1 Watchguard | 1 Soho Firewall | 2024-02-28 | 10.0 HIGH | N/A |
Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules. | |||||
CVE-1999-0260 | 1 Renaud Deraison | 1 Jj | 2024-02-28 | 7.5 HIGH | N/A |
The jj CGI program allows command execution via shell metacharacters. | |||||
CVE-2003-0407 | 1 Gnome | 1 Batalla Naval | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string. | |||||
CVE-1999-1448 | 1 Qualcomm | 2 Eudora, Eudora Light | 2024-02-28 | 5.0 MEDIUM | N/A |
Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault. | |||||
CVE-2001-0944 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-28 | 7.2 HIGH | N/A |
DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process. | |||||
CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2024-02-28 | 7.5 HIGH | N/A |
A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | |||||
CVE-2004-0255 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow. | |||||
CVE-2003-0537 | 1 Daiki Ueno | 1 Liece Emacs Irc Client | 2024-02-28 | 4.6 MEDIUM | N/A |
The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. | |||||
CVE-2001-0625 | 1 Broadcom | 1 Inoculateit | 2024-02-28 | 7.2 HIGH | N/A |
ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . | |||||
CVE-1999-0718 | 1 Ibm | 1 Gina | 2024-02-28 | 6.2 MEDIUM | N/A |
IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key. | |||||
CVE-2002-1809 | 1 Oracle | 1 Mysql | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database. | |||||
CVE-2000-0948 | 1 Gnome | 1 Gnorpm | 2024-02-28 | 7.2 HIGH | N/A |
GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. | |||||
CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 7.2 HIGH | N/A |
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | |||||
CVE-2002-2030 | 1 Sqldata | 1 Sqldata Enterprise Server | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows remote attacker to execute arbitrary code and cause a denial of service via a long HTTP request. | |||||
CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2024-02-28 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. |