Total
266660 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0222 | 1 Cisco | 1 Router | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. | |||||
CVE-2003-0280 | 1 Youngzsoft | 1 Cmailserver | 2024-02-28 | 10.0 HIGH | N/A |
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | |||||
CVE-1999-0235 | 1 Ncsa | 1 Ncsa Web Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. | |||||
CVE-2002-0751 | 1 Cgiscript.net | 1 Csmailto | 2024-02-28 | 7.5 HIGH | N/A |
CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters. | |||||
CVE-2004-0072 | 1 Accipiter | 1 Accipiter Direct Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request. | |||||
CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
The registry in Windows NT can be accessed remotely by users who are not administrators. | |||||
CVE-2002-1215 | 1 Linux-ha | 1 Heartbeat | 2024-02-28 | 10.0 HIGH | N/A |
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources). | |||||
CVE-2004-1619 | 1 Akella | 1 Privateers Bounty Age Of Sail Ii | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname. | |||||
CVE-2001-1008 | 1 Sun | 2 Java Plug-in, Jre | 2024-02-28 | 7.5 HIGH | N/A |
Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate. | |||||
CVE-1999-1202 | 1 Startech | 2 Pop3 Proxy Server, Telnet Server | 2024-02-28 | 5.0 MEDIUM | N/A |
StarTech (1) POP3 proxy server and (2) telnet server allows remote attackers to cause a denial of service via a long USER command. | |||||
CVE-2002-1485 | 1 Cerulean Studios | 1 Trillian | 2024-02-28 | 5.0 MEDIUM | N/A |
The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C". | |||||
CVE-2004-1659 | 1 Cutephp | 1 Cutenews | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Administrator, Editor, Journalist or Commenter privileges to inject arbitrary web script or HTML via the mod parameter. | |||||
CVE-2004-0688 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
CVE-1999-0301 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in SunOS/Solaris ps command. | |||||
CVE-2003-0593 | 1 Opera | 1 Opera Browser | 2024-02-28 | 7.5 HIGH | N/A |
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
CVE-2000-0226 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability." | |||||
CVE-1999-0048 | 3 Debian, Ibm, Nec | 5 Netkit, Aix, Asl Ux 4800 and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. | |||||
CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | |||||
CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2024-02-28 | 5.0 MEDIUM | N/A |
The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | |||||
CVE-2003-1333 | 1 Intersystems | 1 Cache Database | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server. |