Total
266734 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1494 | 1 Sgi | 1 Irix | 2024-02-28 | 2.1 LOW | N/A |
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument. | |||||
CVE-2002-0415 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 1.7 LOW | N/A |
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275. | |||||
CVE-2003-1537 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | |||||
CVE-2004-0328 | 1 Gigabyte | 1 Gn-b46b | 2024-02-28 | 7.2 HIGH | N/A |
Gigabyte Gn-B46B 2.4Ghz wireless broadband router firmware 1.003.00 allows local users on the same local network as the router to bypass authentication by using a copy of the router's html menu on a separate system. | |||||
CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 3.6 LOW | N/A |
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | |||||
CVE-2004-0578 | 1 Qbik | 1 Wingate | 2024-02-28 | 5.0 MEDIUM | N/A |
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory. | |||||
CVE-2001-0550 | 2 David Madore, Washington University | 2 Ftpd-bsd, Wu-ftpd | 2024-02-28 | 7.5 HIGH | N/A |
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | |||||
CVE-2003-0995 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request. | |||||
CVE-2003-1293 | 1 Nukedweb | 1 Guestbookhost | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. | |||||
CVE-2001-0771 | 1 Spytech-web | 1 Spyanywhere | 2024-02-28 | 7.5 HIGH | N/A |
Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the "loginpass" field. | |||||
CVE-2002-1393 | 1 Kde | 1 Kde | 2024-02-28 | 7.5 HIGH | N/A |
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | |||||
CVE-1999-0308 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
HP-UX gwind program allows users to modify arbitrary files. | |||||
CVE-2002-0843 | 2 Apache, Oracle | 4 Http Server, Application Server, Database Server and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response. | |||||
CVE-2003-0470 | 1 Symantec | 1 Security Check | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | |||||
CVE-2004-1815 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||||
CVE-2000-0760 | 1 Apache | 1 Tomcat | 2024-02-28 | 6.4 MEDIUM | N/A |
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | |||||
CVE-2002-1546 | 1 Brs | 1 Webweaver | 2024-02-28 | 7.5 HIGH | N/A |
BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | |||||
CVE-1999-0120 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. | |||||
CVE-2000-0341 | 1 Atrium Software | 1 Cassandra Nntp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name. | |||||
CVE-2004-0794 | 1 Luke Mewburn | 2 Lukemftp, Tnftpd | 2024-02-28 | 5.1 MEDIUM | N/A |
Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code. |