Total
266248 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2024-02-28 | 10.0 HIGH | N/A |
| The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | |||||
| CVE-2001-1544 | 1 Macromedia | 1 Jrun | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. | |||||
| CVE-2000-0769 | 1 Oreilly | 1 Website Pro | 2024-02-28 | 7.5 HIGH | N/A |
| O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe. | |||||
| CVE-2001-1379 | 1 Guiseppe Tanzilli And Matthias Eckermann | 1 Mod Auth Pgsql | 2024-02-28 | 7.5 HIGH | N/A |
| The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name. | |||||
| CVE-2003-1094 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 7.2 HIGH | N/A |
| BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges. | |||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | |||||
| CVE-2001-0845 | 1 Dec | 4 Dec Openvms, Dec Openvms Alpha, Sevms and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
| Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources. | |||||
| CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. | |||||
| CVE-1999-0416 | 1 Cisco | 1 Cisco 7xx Routers | 2024-02-28 | 5.0 MEDIUM | N/A |
| Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. | |||||
| CVE-2000-0264 | 1 Panda | 1 Panda Security | 2024-02-28 | 2.1 LOW | N/A |
| Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. | |||||
| CVE-2001-1187 | 1 Mutasem Abudahab | 2 Csvform, Csvform Plus | 2024-02-28 | 7.5 HIGH | N/A |
| csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | |||||
| CVE-2002-0199 | 1 Nullsoft | 1 Shoutcast Server | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes. | |||||
| CVE-1999-0274 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. | |||||
| CVE-2002-1077 | 1 Ipswitch | 1 Imail | 2024-02-28 | 5.0 MEDIUM | N/A |
| IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. | |||||
| CVE-2001-1500 | 1 Proftpd Project | 1 Proftpd | 2024-02-28 | 7.5 HIGH | N/A |
| ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged. | |||||
| CVE-2004-0778 | 1 Gnu | 1 Cvs | 2024-02-28 | 5.0 MEDIUM | N/A |
| CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned. | |||||
| CVE-1999-0200 | 2024-02-28 | 10.0 HIGH | N/A | ||
| Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. | |||||
| CVE-2002-0384 | 1 Rob Flynn | 1 Gaim | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-2191 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. | |||||
| CVE-2002-2036 | 1 Sun | 1 Ray Server Software | 2024-02-28 | 7.5 HIGH | N/A |
| Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client. | |||||