Total
266783 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2024-02-28 | 5.0 MEDIUM | N/A |
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | |||||
CVE-2002-0895 | 1 Matu | 1 Matu Ftp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command. | |||||
CVE-2002-0556 | 1 Deep Forest Software | 1 Quik-serv Webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
CVE-2004-2175 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | |||||
CVE-2003-1515 | 1 Origo | 2 Asr-8100, Asr-8400 | 2024-02-28 | 7.8 HIGH | N/A |
Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults. | |||||
CVE-2001-0096 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. | |||||
CVE-2002-2017 | 1 Sas | 2 Base, Integration Technologies | 2024-02-28 | 10.0 HIGH | N/A |
sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd. | |||||
CVE-2003-0210 | 1 Cisco | 1 Secure Access Control Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. | |||||
CVE-2001-0915 | 1 Berkeley | 1 Pmake | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. | |||||
CVE-2004-1566 | 1 Silent-storm | 1 Silent-storm Portal | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module parameter. | |||||
CVE-2000-0258 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | |||||
CVE-1999-0765 | 1 Sgi | 1 Irix | 2024-02-28 | 10.0 HIGH | N/A |
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. | |||||
CVE-2002-0894 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2024-02-28 | 5.0 MEDIUM | N/A |
NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet. | |||||
CVE-2004-0667 | 2 Gentoo, Rsbac | 2 Linux, Rule Set Based Access Control | 2024-02-28 | 7.2 HIGH | N/A |
Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | |||||
CVE-2002-1180 | 1 Microsoft | 1 Internet Information Services | 2024-02-28 | 7.5 HIGH | N/A |
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." | |||||
CVE-2003-1187 | 1 Phpkit | 1 Phpkit | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter. | |||||
CVE-2003-1042 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 10.0 HIGH | N/A |
SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name. | |||||
CVE-2001-1543 | 1 Axis | 5 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera. | |||||
CVE-2003-0438 | 1 Yuuichi Teranishi | 1 Eldav | 2024-02-28 | 1.2 LOW | N/A |
eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-1999-0807 | 1 Netscape | 1 Directory Server | 2024-02-28 | 7.2 HIGH | N/A |
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. |