Total
266882 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1512 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request. | |||||
CVE-2002-2221 | 1 Chetcpasswd | 1 Chetcpasswd | 2024-02-28 | 6.2 MEDIUM | N/A |
Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | |||||
CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
CVE-2001-1055 | 1 Microsoft | 2 Windows 98, Windows 98se | 2024-02-28 | 5.0 MEDIUM | N/A |
The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. | |||||
CVE-1999-0611 | 2024-02-28 | 10.0 HIGH | N/A | ||
A system-critical Windows NT registry key has an inappropriate value. | |||||
CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2024-02-28 | 7.5 HIGH | N/A |
EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
CVE-2003-0929 | 1 Clearswift | 1 Mailsweeper | 2024-02-28 | 7.5 HIGH | N/A |
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy. | |||||
CVE-2000-0594 | 3 Caldera, Freebsd, Mandrakesoft | 6 Openlinux Desktop, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters. | |||||
CVE-2002-1131 | 1 Squirrelmail | 1 Squirrelmail | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. | |||||
CVE-2004-1492 | 1 Quicksilver | 1 Master Of Orion Iii | 2024-02-28 | 5.0 MEDIUM | N/A |
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | |||||
CVE-2002-0722 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing." | |||||
CVE-2003-1148 | 1 Les Visiteurs | 1 Les Visiteurs | 2024-02-28 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. | |||||
CVE-2002-0144 | 1 Scott Parish | 1 Chuid | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack. | |||||
CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | |||||
CVE-2002-1759 | 1 Phprojekt | 1 Phprojekt | 2024-02-28 | 5.0 MEDIUM | N/A |
The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files. | |||||
CVE-2002-2184 | 1 Digi-net Technologies | 1 Digichat | 2024-02-28 | 5.0 MEDIUM | N/A |
Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet. | |||||
CVE-2002-0649 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm. | |||||
CVE-2000-0388 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable. | |||||
CVE-1999-0226 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 10.0 HIGH | N/A |
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. | |||||
CVE-2003-1549 | 1 Myabracadaweb | 1 Myabracadaweb | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter. |