Total
266141 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2184 | 1 Digicraft Software | 1 Yak | 2024-02-28 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put. | |||||
CVE-1999-0983 | 1 Internic | 1 Whois Lookup | 2024-02-28 | 7.5 HIGH | N/A |
Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. | |||||
CVE-2001-0105 | 1 Hp | 1 Hp-ux | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group. | |||||
CVE-2004-1723 | 1 Php Fusion | 1 Php Fusion | 2024-02-28 | 5.0 MEDIUM | N/A |
The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message. | |||||
CVE-2002-1912 | 1 Skystream | 1 Emr5000 | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets. | |||||
CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | |||||
CVE-2001-0739 | 1 Engardelinux | 1 Secure Linux | 2024-02-28 | 7.2 HIGH | N/A |
Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges. | |||||
CVE-2004-0057 | 1 Lbl | 1 Tcpdump | 2024-02-28 | 5.0 MEDIUM | N/A |
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. | |||||
CVE-2001-0263 | 1 Gene6 | 1 G6 Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled. | |||||
CVE-2002-1686 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in lscfg of unknown versions of AIX has unknown impact. | |||||
CVE-2004-1654 | 1 Phpwebsite | 1 Phpwebsite | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template. | |||||
CVE-2004-1839 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message. | |||||
CVE-2002-0883 | 1 Compaq | 1 Proliant Bl E-class Integrated Administrator Firmware | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. | |||||
CVE-2002-1778 | 1 Symantec | 1 Norton Personal Firewall | 2024-02-28 | 7.5 HIGH | N/A |
Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | |||||
CVE-2001-0060 | 1 Stunnel | 1 Stunnel | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username. | |||||
CVE-2004-2033 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | |||||
CVE-2003-0613 | 1 Zblast | 1 Zblast | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file. | |||||
CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | |||||
CVE-2001-1475 | 1 Ssh | 1 Ssh | 2024-02-28 | 7.5 HIGH | N/A |
SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated. | |||||
CVE-2003-0207 | 1 Gs-common | 1 Gs-common | 2024-02-28 | 2.1 LOW | N/A |
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files. |