Total
266154 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2298 | 1 Atthat.com | 1 Thatware | 2024-02-28 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in config.php in Thatware 0.3 through 0.5.3 allows remote attackers to execute arbitrary PHP code via the root_path parameter. | |||||
| CVE-2004-1838 | 1 Xweb | 1 Xweb | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2003-0378 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.5 HIGH | N/A |
| The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. | |||||
| CVE-2002-0173 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. | |||||
| CVE-2002-0290 | 1 Netwin | 1 Webnews | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. | |||||
| CVE-1999-1105 | 1 Microsoft | 1 Windows 95 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. | |||||
| CVE-2003-1091 | 1 Apple | 1 Quicktime Broadcaster | 2024-02-28 | 7.5 HIGH | N/A |
| Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files. | |||||
| CVE-2002-0979 | 1 Microsoft | 1 Virtual Machine | 2024-02-28 | 7.5 HIGH | N/A |
| The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. | |||||
| CVE-2003-0951 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.5 HIGH | N/A |
| Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges. | |||||
| CVE-2002-0978 | 1 Microsoft | 1 File Transfer Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function. | |||||
| CVE-2000-0482 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets. | |||||
| CVE-2004-0457 | 1 Oracle | 1 Mysql | 2024-02-28 | 4.6 MEDIUM | N/A |
| The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2001-1009 | 1 Fetchmail | 1 Fetchmail | 2024-02-28 | 10.0 HIGH | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | |||||
| CVE-2001-0442 | 1 David Harris | 1 Mercury Nlm | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command. | |||||
| CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 6.4 MEDIUM | N/A |
| Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response. | |||||
| CVE-2001-1505 | 1 Tinc | 1 Tinc | 2024-02-28 | 5.0 MEDIUM | N/A |
| tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets. | |||||
| CVE-1999-1449 | 1 Sun | 1 Sunos | 2024-02-28 | 2.1 LOW | N/A |
| SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device. | |||||
| CVE-2002-0681 | 1 Goahead Software | 1 Goahead Webserver | 2024-02-28 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script. | |||||
| CVE-2001-0600 | 1 Lotus | 1 Domino R5 Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding, (4) Accept-Language, and (5) Content-Type. | |||||
| CVE-2002-1357 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | |||||