Total
266129 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1177 | 1 Nullsoft | 1 Winamp | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag. | |||||
CVE-1999-0817 | 1 University Of Kansas | 1 Lynx | 2024-02-28 | 10.0 HIGH | N/A |
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. | |||||
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
CVE-2001-1342 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer. | |||||
CVE-2004-1463 | 1 Moinmoin | 1 Moinmoin | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lists (ACL), has unknown impact. | |||||
CVE-1999-1267 | 1 Kde | 1 Kde | 2024-02-28 | 5.0 MEDIUM | N/A |
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | |||||
CVE-2001-0705 | 1 Arcadia | 1 Arcadia Internet Store | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. | |||||
CVE-1999-0632 | 2024-02-28 | N/A | N/A | ||
The RPC portmapper service is running. | |||||
CVE-2002-2214 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | |||||
CVE-2000-0725 | 1 Zope | 1 Zope | 2024-02-28 | 7.2 HIGH | N/A |
Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request. | |||||
CVE-2004-0253 | 1 Ibm | 1 Cloudscape | 2024-02-28 | 10.0 HIGH | N/A |
IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability. | |||||
CVE-2002-2027 | 1 Doow | 1 Doow | 2024-02-28 | 7.5 HIGH | N/A |
Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities. | |||||
CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2024-02-28 | 5.0 MEDIUM | N/A |
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | |||||
CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2024-02-28 | 2.1 LOW | N/A |
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||||
CVE-2002-0450 | 1 Talentsoft | 1 Web\+ Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe. | |||||
CVE-2001-1452 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses. | |||||
CVE-2004-0851 | 1 Ulrich Callmeier | 1 Net-acct | 2024-02-28 | 2.1 LOW | N/A |
The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-1999-1166 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory. | |||||
CVE-1999-0336 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in mstm in HP-UX allows local users to gain root access. | |||||
CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. |