Total
266888 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1388 | 1 Netfilter | 1 Iptables | 2024-02-28 | 5.0 MEDIUM | N/A |
| iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator. | |||||
| CVE-2002-1575 | 1 Mit | 1 Cgiemail | 2024-02-28 | 5.0 MEDIUM | N/A |
| cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | |||||
| CVE-2002-0766 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
| OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. | |||||
| CVE-2003-0843 | 1 Dag Apt Repository | 1 Mod Gzip | 2024-02-28 | 7.5 HIGH | N/A |
| Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header. | |||||
| CVE-2003-1227 | 1 Gallery Project | 1 Gallery | 2024-02-28 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue might be exploitable only during installation, or if the administrator has not run a security script after installation. | |||||
| CVE-2003-0542 | 1 Apache | 1 Http Server | 2024-02-28 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. | |||||
| CVE-2002-2019 | 1 Oscommerce | 1 Oscommerce | 2024-02-28 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter. | |||||
| CVE-2003-0898 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 4.6 MEDIUM | N/A |
| IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2. | |||||
| CVE-2001-1125 | 1 Symantec | 1 Liveupdate | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. | |||||
| CVE-1999-1236 | 1 True North | 1 Internet Anywhere Mail Server | 2024-02-28 | 4.6 MEDIUM | N/A |
| Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. | |||||
| CVE-2001-0111 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | |||||
| CVE-2000-1244 | 1 Broadcom | 1 Inoculateit Agent For Exchange | 2024-02-28 | 7.5 HIGH | N/A |
| Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection. | |||||
| CVE-2003-0815 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
| Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability. | |||||
| CVE-2000-0612 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table. | |||||
| CVE-2000-0339 | 1 Zonelabs | 1 Zonealarm | 2024-02-28 | 7.5 HIGH | N/A |
| ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. | |||||
| CVE-2004-0261 | 1 Openjournal | 1 Openjournal | 2024-02-28 | 10.0 HIGH | N/A |
| oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to bypass authentication and access the control panel via a 0 in the uid parameter. | |||||
| CVE-2000-0402 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 2.1 LOW | N/A |
| The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | |||||
| CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2024-02-28 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | |||||
| CVE-2000-0412 | 1 Napster | 1 Knapster | 2024-02-28 | 7.5 HIGH | N/A |
| The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file. | |||||
| CVE-2004-0279 | 1 Aim Sniff | 1 Aim Sniff | 2024-02-28 | 7.2 HIGH | N/A |
| AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary files via a symlink attack on /tmp/AS.log. | |||||