Total
266184 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0536 | 1 Phpsysinfo | 1 Phpsysinfo | 2024-02-28 | 3.6 LOW | N/A |
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters. | |||||
CVE-2000-0724 | 1 Helix Code | 1 Go-gnome Pre-installer | 2024-02-28 | 6.2 MEDIUM | N/A |
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files. | |||||
CVE-1999-1089 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. | |||||
CVE-2001-0340 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 7.5 HIGH | N/A |
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. | |||||
CVE-2002-1856 | 1 Hp | 1 Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
CVE-2000-1097 | 1 Sonicwall | 1 Soho Firewall | 2024-02-28 | 5.0 MEDIUM | N/A |
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. | |||||
CVE-2002-0729 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator. | |||||
CVE-2001-1278 | 1 Zope | 1 Zope | 2024-02-28 | 7.5 HIGH | N/A |
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | |||||
CVE-2003-0401 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-28 | 5.0 MEDIUM | N/A |
Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. | |||||
CVE-2003-1452 | 1 Qualcomm | 1 Qpopper | 2024-02-28 | 3.6 LOW | N/A |
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. | |||||
CVE-2002-2365 | 1 Springer Verlag Berlin Heidelberg | 1 Simple Wais | 2024-02-28 | 10.0 HIGH | N/A |
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. | |||||
CVE-2000-0831 | 1 Fastream | 1 Ftp\+\+ Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username. | |||||
CVE-2004-1682 | 1 Qnx | 1 Rtp | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command. | |||||
CVE-2002-1103 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. | |||||
CVE-2002-0510 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | |||||
CVE-2000-1241 | 1 Sips | 1 Sips | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | |||||
CVE-2000-0797 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. | |||||
CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
CVE-2001-1459 | 1 Openbsd | 1 Openssh | 2024-02-28 | 7.5 HIGH | N/A |
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. | |||||
CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2024-02-28 | 2.6 LOW | N/A |
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. |