Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0604 | 1 Redhat | 1 Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp. | |||||
CVE-2000-0328 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking. | |||||
CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2024-02-28 | 5.0 MEDIUM | N/A |
RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
CVE-2000-0868 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | |||||
CVE-2004-1404 | 1 Opentools | 1 Attachment Mod | 2024-02-28 | 7.5 HIGH | N/A |
Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | |||||
CVE-2002-0473 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 10.0 HIGH | N/A |
db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter. | |||||
CVE-2003-0730 | 2 Netbsd, Xfree86 Project | 2 Netbsd, X11r6 | 2024-02-28 | 7.5 HIGH | N/A |
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||||
CVE-2002-2149 | 1 Lucent | 3 Access Point Service Router 1500, Access Point Service Router 300, Access Point Service Router 600 | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface. | |||||
CVE-2002-1075 | 1 David Harris | 1 Pegasus Mail | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers. | |||||
CVE-2003-0445 | 1 Webfs | 1 Webfs | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI. | |||||
CVE-2003-0283 | 1 Phorum | 1 Phorum | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail. | |||||
CVE-2004-1538 | 1 Phpkit | 1 Phpkit | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | |||||
CVE-1999-0629 | 2024-02-28 | N/A | N/A | ||
The ident/identd service is running. | |||||
CVE-2001-0927 | 1 Gnome | 1 Libgtop Daemon | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | |||||
CVE-2004-0757 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | |||||
CVE-2002-1654 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2024-02-28 | 7.5 HIGH | N/A |
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. | |||||
CVE-2004-0161 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-28 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients. | |||||
CVE-2001-0297 | 1 Dattaraj Rao | 1 Simple Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
CVE-2000-0166 | 1 Interaccess | 1 Interaccess Telnetd Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name. |