Total
250623 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | |||||
CVE-2004-1911 | 1 Azerbaijan Development Group | 1 Azdgdating | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php. | |||||
CVE-2002-1609 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
CVE-2003-1391 | 1 Research Triangle Software | 1 Cryptobuddy | 2024-02-28 | 7.5 HIGH | N/A |
RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase. | |||||
CVE-2003-1205 | 1 Crob | 1 Crob Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name. | |||||
CVE-2002-0752 | 1 Cgiscript.net | 1 Csmailto | 2024-02-28 | 5.0 MEDIUM | N/A |
CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file. | |||||
CVE-2001-0832 | 1 Oracle | 1 Database Server | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability." | |||||
CVE-1999-0947 | 1 An | 1 An-httpd | 2024-02-28 | 7.5 HIGH | N/A |
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. | |||||
CVE-2001-1156 | 1 Typsoft | 1 Typsoft Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR. | |||||
CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | |||||
CVE-2003-0181 | 1 Ibm | 1 Lotus Domino Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name. | |||||
CVE-1999-1046 | 1 Ipswitch | 1 Imail | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. | |||||
CVE-2004-0085 | 1 Apple | 1 Mac Os X | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086. | |||||
CVE-2001-0576 | 1 Sco | 1 Openserver | 2024-02-28 | 4.6 MEDIUM | N/A |
lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter. | |||||
CVE-1999-0083 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
getcwd() file descriptor leak in FTP. | |||||
CVE-2002-1049 | 1 Hylafax | 1 Hylafax | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element. | |||||
CVE-2002-0810 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 5.0 MEDIUM | N/A |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails. | |||||
CVE-1999-0698 | 2024-02-28 | 10.0 HIGH | N/A | ||
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux. | |||||
CVE-2000-0677 | 1 Ibm | 1 Net.data | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable. | |||||
CVE-2002-0713 | 1 Squid | 1 Squid | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. |