Total
266888 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0186 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2024-02-28 | 7.2 HIGH | N/A |
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | |||||
CVE-2004-1447 | 1 Jetbox | 1 Jetbox One Cms | 2024-02-28 | 5.0 MEDIUM | N/A |
Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information. | |||||
CVE-2002-0122 | 1 Siemens | 1 3568i Wap | 2024-02-28 | 5.0 MEDIUM | N/A |
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters. | |||||
CVE-2002-2377 | 1 Sephiroth32 | 1 Zap Book | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field. | |||||
CVE-2003-0187 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts. | |||||
CVE-2000-0510 | 1 Debian | 1 Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request. | |||||
CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2024-02-28 | 5.0 MEDIUM | N/A |
HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | |||||
CVE-2001-0688 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. | |||||
CVE-1999-0839 | 1 Microsoft | 1 Ie | 2024-02-28 | 7.2 HIGH | N/A |
Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled. | |||||
CVE-2000-1116 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long command. | |||||
CVE-2002-0073 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters. | |||||
CVE-2000-1195 | 1 Caldera | 2 Openlinux Edesktop, Openlinux Eserver | 2024-02-28 | 7.5 HIGH | N/A |
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | |||||
CVE-2000-0004 | 1 Zbsoft | 1 Zbserver | 2024-02-28 | 5.0 MEDIUM | N/A |
ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL. | |||||
CVE-2004-2155 | 1 Online-bookmarks | 1 Web Based Bookmark Application | 2024-02-28 | 7.5 HIGH | N/A |
Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php. | |||||
CVE-2003-1548 | 1 Myabracadaweb | 1 Myabracadaweb | 2024-02-28 | 5.0 MEDIUM | N/A |
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message. | |||||
CVE-2003-0388 | 1 Andrew Morgan | 1 Linux Pam | 2024-02-28 | 4.6 MEDIUM | N/A |
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. | |||||
CVE-2004-0604 | 2 Gentoo, Gift-fasttrack | 2 Linux, Gift-fasttrack | 2024-02-28 | 5.0 MEDIUM | N/A |
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference. | |||||
CVE-2000-0699 | 1 Hp | 1 Hp-ux | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command. | |||||
CVE-2002-0158 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument. | |||||
CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2024-02-28 | 7.5 HIGH | N/A |
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. |