Total
266242 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1473 | 1 Lgames | 1 Ltris | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable. | |||||
CVE-2004-1460 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2024-02-28 | 7.5 HIGH | N/A |
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. | |||||
CVE-2001-0571 | 1 Elron | 2 Im Anti Virus, Im Message Inspector | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web server for (1) Elron Internet Manager (IM) Message Inspector and (2) Anti-Virus before 3.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the requested URL. | |||||
CVE-2001-1020 | 1 Vibechild | 1 Directory Manager | 2024-02-28 | 7.5 HIGH | N/A |
edit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile_name parameter, which is sent unfiltered to the PHP passthru function. | |||||
CVE-2004-0258 | 1 Realnetworks | 4 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player and 1 more | 2024-02-28 | 7.6 HIGH | N/A |
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT, (3) .RAM, (4) .RPM or (5) .SMIL files. | |||||
CVE-2002-0401 | 2 Debian, Ethereal | 2 Debian Linux, Ethereal | 2024-02-28 | 7.5 HIGH | 7.5 HIGH |
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | |||||
CVE-2002-0453 | 1 Oblix | 1 Netpoint | 2024-02-28 | 7.5 HIGH | N/A |
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again. | |||||
CVE-2002-0220 | 1 Phpsmssend | 1 Phpsmssend | 2024-02-28 | 7.5 HIGH | N/A |
phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters. | |||||
CVE-1999-1286 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | |||||
CVE-2001-0779 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. | |||||
CVE-2001-1287 | 1 Ipswitch | 1 Imail | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-1999-1325 | 1 Vax Vms | 1 Sas System | 2024-02-28 | 7.2 HIGH | N/A |
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges. | |||||
CVE-2001-1021 | 1 Progress | 1 Ws Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD. | |||||
CVE-2004-1997 | 2 Kolab, Openpkg | 2 Kolab Groupware Server, Openpkg | 2024-02-28 | 4.6 MEDIUM | N/A |
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges. | |||||
CVE-2002-1697 | 1 Vtun Project | 1 Vtun | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain sensitive information. | |||||
CVE-2003-0812 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API. | |||||
CVE-2002-2227 | 1 Rtfm | 1 Ssldump | 2024-02-28 | 10.0 HIGH | N/A |
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value. | |||||
CVE-2002-1006 | 1 Bbc Education | 1 Betsie | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl. | |||||
CVE-2002-0385 | 1 Vignette | 2 Storyserver, Vignette | 2024-02-28 | 5.0 MEDIUM | N/A |
Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | |||||
CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. |