Total
265971 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1366 | 1 Netscript Project | 1 Netscript | 2024-02-28 | 5.0 MEDIUM | N/A |
| netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information. | |||||
| CVE-2004-1383 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details.php. | |||||
| CVE-1999-0842 | 1 Symantec | 1 Mail-gear | 2024-02-28 | 5.0 MEDIUM | N/A |
| Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2002-1165 | 2 Netbsd, Sendmail | 2 Netbsd, Sendmail | 2024-02-28 | 4.6 MEDIUM | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | |||||
| CVE-2001-0767 | 1 Steve Poulsen | 1 Guildftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. | |||||
| CVE-2001-0949 | 1 Valicert | 1 Enterprise Validation Authority | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length. | |||||
| CVE-2001-1171 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 7.2 HIGH | N/A |
| Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | |||||
| CVE-1999-0607 | 1 I-soft | 1 Quikstore | 2024-02-28 | 5.0 MEDIUM | N/A |
| quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges. | |||||
| CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2024-02-28 | 7.5 HIGH | N/A |
| FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | |||||
| CVE-1999-1535 | 1 Persits | 1 Aspupload | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request. | |||||
| CVE-1999-1390 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
| suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||||
| CVE-1999-0918 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2024-02-28 | 7.8 HIGH | N/A |
| Denial of service in various Windows systems via malformed, fragmented IGMP packets. | |||||
| CVE-2002-1055 | 1 Brother | 1 Nc-3100h | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password. | |||||
| CVE-2002-0410 | 1 Aeromail | 1 Aeromail | 2024-02-28 | 5.0 MEDIUM | N/A |
| send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded. | |||||
| CVE-1999-1026 | 1 Sun | 1 Solaris | 2024-02-28 | 7.2 HIGH | N/A |
| aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. | |||||
| CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2024-02-28 | 7.5 HIGH | N/A |
| Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2002-0405 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. | |||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 10.0 HIGH | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | |||||
| CVE-1999-0973 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | |||||
| CVE-2000-0839 | 1 Ipswitch | 1 Wincom Lpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515). | |||||