Total: 28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1299 | 1 Zorbat | 1 Zorbstats | 2024-02-28 | 5.0 MEDIUM | N/A |
Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
CVE-2002-0776 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-28 | 7.5 HIGH | N/A |
getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix. | |||||
CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2024-02-28 | 10.0 HIGH | N/A |
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | |||||
CVE-2004-1539 | 1 Gearbox Software | 1 Halo Combat Evolved | 2024-02-28 | 5.0 MEDIUM | N/A |
Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. | |||||
CVE-2002-0001 | 1 Mutt | 1 Mutt | 2024-02-28 | 7.5 HIGH | N/A |
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list. | |||||
CVE-2003-1248 | 1 Positive Software | 1 H-sphere | 2024-02-28 | 7.5 HIGH | N/A |
H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | |||||
CVE-2002-0285 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 7.5 HIGH | N/A |
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and/or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. | |||||
CVE-2001-0101 | 1 Fetchmail | 1 Fetchmail | 2024-02-28 | 10.0 HIGH | N/A |
Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. | |||||
CVE-2003-1109 | 1 Cisco | 4 Ios, Ip Phone 7940, Ip Phone 7960 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
CVE-2002-0842 | 1 Oracle | 1 Application Server | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string specifiers to be returned from dav_lookup_uri() in mod_dav.c, which is then used in a call to ap_log_rerror(). | |||||
CVE-2004-1845 | 1 Expinion.net | 1 News Manager Lite | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp. | |||||
CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2024-02-28 | 7.5 HIGH | N/A |
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
CVE-1999-0530 | | | 2024-02-28 | 10.0 HIGH | N/A |
A system is operating in "promiscuous" mode which allows it to perform packet sniffing. | |||||
CVE-1999-0529 | | | 2024-02-28 | 7.5 HIGH | N/A |
A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. | |||||
CVE-2004-0189 | 1 Squid | 1 Squid | 2024-02-28 | 7.5 HIGH | N/A |
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists. | |||||
CVE-1999-0970 | 1 Omnicron | 1 Omnihttpd | 2024-02-28 | 5.0 MEDIUM | N/A |
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created. | |||||
CVE-2004-0082 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | |||||
CVE-1999-0099 | 5 Bsdi, Convex, Cray and 2 more | 7 Bsd Os, Convexos, Spp-ux and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. | |||||
CVE-1999-0394 | | | 2024-02-28 | 10.0 HIGH | N/A |
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. | |||||
CVE-2000-0179 | 1 Hp | 1 Openview Omniback Ii | 2024-02-28 | 5.0 MEDIUM | N/A |
HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. |