Total
266790 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0155 | 1 Van Dyke Technologies | 1 Vshell | 2024-02-28 | 7.5 HIGH | N/A |
| Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. | |||||
| CVE-2002-0448 | 1 Xerver | 1 Xerver | 2024-02-28 | 5.0 MEDIUM | N/A |
| Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many "C:/" sequences. | |||||
| CVE-2004-1662 | 1 Yabb | 1 Yabb | 2024-02-28 | 5.0 MEDIUM | N/A |
| YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message. | |||||
| CVE-2003-0081 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.5 HIGH | N/A |
| Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | |||||
| CVE-2000-0944 | 1 Cgi | 1 Script Center News Update | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password. | |||||
| CVE-1999-1474 | 1 Microsoft | 1 Powerpoint | 2024-02-28 | 7.5 HIGH | N/A |
| PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. | |||||
| CVE-2001-1078 | 1 Extremail | 1 Extremail | 2024-02-28 | 10.0 HIGH | N/A |
| Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication. | |||||
| CVE-2001-0334 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | |||||
| CVE-2003-0544 | 1 Openssl | 1 Openssl | 2024-02-28 | 5.0 MEDIUM | N/A |
| OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. | |||||
| CVE-2003-1462 | 1 Mod Survey | 1 Mod Survey | 2024-02-28 | 5.0 MEDIUM | N/A |
| mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash). | |||||
| CVE-2004-1811 | 1 Hp | 1 Ssl Http Server | 2024-02-28 | 7.5 HIGH | N/A |
| The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates. | |||||
| CVE-2001-0143 | 2 Immunix, Redhat | 2 Immunix, Linux | 2024-02-28 | 1.2 LOW | N/A |
| vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2002-0641 | 1 Microsoft | 2 Msde, Sql Server | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query. | |||||
| CVE-2001-0076 | 1 Ikonboard.com | 1 Ikonboard | 2024-02-28 | 10.0 HIGH | N/A |
| register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed. | |||||
| CVE-2001-1521 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-28 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter. | |||||
| CVE-2002-0938 | 1 Cisco | 1 Secure Access Control Server | 2024-02-28 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | |||||
| CVE-2003-0046 | 1 Celestial Software | 1 Absolutetelnet | 2024-02-28 | 4.6 MEDIUM | N/A |
| AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
| CVE-2003-1317 | 1 Endonesia | 1 Endonesia | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2004-0472 | 2024-02-28 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a reservation duplicate of CVE-2004-0434. Notes: All CVE users should reference CVE-2004-0434 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
| CVE-2000-0572 | 1 Visible Systems | 1 Razor | 2024-02-28 | 4.6 MEDIUM | N/A |
| The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges. | |||||