Vulnerabilities (CVE)

Total 245418 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0320 1 Francisco Burzi 1 Php-nuke 2024-02-28 10.0 HIGH N/A
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument.
CVE-2000-0977 1 Oatmeal Studios 1 Mail File 2024-02-28 5.0 MEDIUM N/A
mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.
CVE-2002-2354 1 Netgear 1 Fm114p 2024-02-28 7.8 HIGH N/A
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2004-1180 3 Debian, Mandrakesoft, Sun 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more 2024-02-28 5.0 MEDIUM N/A
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2000-0935 1 Samba 1 Samba 2024-02-28 7.2 HIGH N/A
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
CVE-2003-0649 1 Xpcd 1 Xpcd 2024-02-28 7.2 HIGH N/A
Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
CVE-1999-0285 1 Microsoft 1 Windows Nt 2024-02-28 10.0 HIGH N/A
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
CVE-2004-0448 1 Jftpgw 1 Jftpgw 2024-02-28 10.0 HIGH N/A
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages.
CVE-2000-0191 1 Axis 1 Storpoint Cd 2024-02-28 10.0 HIGH N/A
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
CVE-2000-0280 1 Realnetworks 1 Realplayer 2024-02-28 2.6 LOW N/A
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
CVE-2004-1710 1 Andrew Kilpatrick 1 Page Cgi 2024-02-28 7.5 HIGH N/A
page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter.
CVE-2003-0405 1 Vignette 3 Content Suite, Storyserver, Vignette 2024-02-28 5.0 MEDIUM N/A
Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command.
CVE-2002-1219 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2024-02-28 7.5 HIGH N/A
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
CVE-2003-1006 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 7.2 HIGH N/A
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.
CVE-2000-0246 1 Microsoft 6 Commercial Internet System, Internet Information Server, Internet Information Services and 3 more 2024-02-28 5.0 MEDIUM N/A
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
CVE-2003-0863 1 Php 1 Php 2024-02-28 7.5 HIGH N/A
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.
CVE-2000-0442 2 Qualcomm, Sun 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i 2024-02-28 7.5 HIGH N/A
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
CVE-2003-0751 1 Py-membres 1 Py-membres 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
CVE-1999-0465 2024-02-28 10.0 HIGH N/A
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.
CVE-2001-1345 1 Jetico 1 Bestcrypt 2024-02-28 4.6 MEDIUM N/A
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.