Total
266916 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2024-02-28 | 4.6 MEDIUM | N/A |
NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | |||||
CVE-1999-0805 | 1 Novell | 1 Netware | 2024-02-28 | 5.0 MEDIUM | N/A |
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
CVE-2004-2211 | 1 Alivesites | 1 Alivesites Forum | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp, or (5) the id parameter to post.asp. | |||||
CVE-1999-1417 | 1 Inso | 1 Answerbook2 | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged. | |||||
CVE-2003-0361 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.5 HIGH | N/A |
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | |||||
CVE-2002-2348 | 1 Authoria | 1 Authoria | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. | |||||
CVE-1999-1511 | 1 Artisoft | 1 Xtramail | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service. | |||||
CVE-2001-0631 | 1 Centrinity | 1 Centrinity Firstclass | 2024-02-28 | 5.0 MEDIUM | N/A |
Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users. | |||||
CVE-2000-0452 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. | |||||
CVE-1999-0386 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL. | |||||
CVE-2003-0389 | 1 Rsa | 1 Ace Agent | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. | |||||
CVE-2001-0693 | 1 Webtrends | 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). | |||||
CVE-1999-0726 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.8 HIGH | N/A |
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. | |||||
CVE-2002-2114 | 1 Netjuke | 1 Netjuke | 2024-02-28 | 7.5 HIGH | N/A |
Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call. | |||||
CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | |||||
CVE-2001-0172 | 2 Hans Reiser, Suse | 2 Reiserfs, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name. | |||||
CVE-2000-1133 | 1 Flicks Software | 1 Authentix | 2024-02-28 | 5.0 MEDIUM | N/A |
Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL for a protected directory. | |||||
CVE-2004-0550 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. | |||||
CVE-2003-0941 | 1 Sap | 1 Sap Db | 2024-02-28 | 7.5 HIGH | N/A |
web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa. | |||||
CVE-1999-1290 | 1 Chris Matthee | 1 Nftp | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string. |