Total: 265933 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0263 | 1 Ezne.net | 1 Ezboard 2000 | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | |||||
CVE-2002-0789 | 1 Mnogosearch | 1 Mnogosearch | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. | |||||
CVE-1999-1479 | 1 Matt Wright | 1 Textcounter | 2024-02-28 | 10.0 HIGH | N/A |
The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2003-1228 | 1 Mathopd | 1 Mathopd | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | |||||
CVE-2002-0714 | 1 Squid | 1 Squid | 2024-02-28 | 7.5 HIGH | N/A |
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. | |||||
CVE-2004-1973 | 1 Digi | 1 Www Server | 2024-02-28 | 5.0 MEDIUM | N/A |
DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters. | |||||
CVE-2000-1149 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. | |||||
CVE-2002-1824 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability. | |||||
CVE-2002-1202 | 1 Compaq | 1 Tru64 | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files. | |||||
CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | |||||
CVE-1999-0466 | 1 Netbsd | 1 Netbsd | 2024-02-28 | 7.2 HIGH | N/A |
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. | |||||
CVE-2001-0577 | 1 Sco | 1 Openserver | 2024-02-28 | 7.2 HIGH | N/A |
recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument. | |||||
CVE-1999-0585 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
A Windows NT administrator account has the default name of Administrator. | |||||
CVE-2004-1321 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2024-02-28 | 7.5 HIGH | N/A |
The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access. | |||||
CVE-2004-2226 | 1 Mozilla | 1 Thunderbird | 2024-02-28 | 5.0 MEDIUM | N/A |
Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server. | |||||
CVE-2000-1000 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters. | |||||
CVE-2004-1664 | 1 Activision | 2 Call Of Duty, Call Of Duty United Offensive | 2024-02-28 | 5.0 MEDIUM | N/A |
Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430. | |||||
CVE-2002-0830 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 5.0 MEDIUM | N/A |
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. | |||||
CVE-2001-0307 | 1 Bajie | 1 Java Http Server | 2024-02-28 | 7.5 HIGH | N/A |
Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist. | |||||
CVE-2002-0931 | 1 Luis Bernardo | 1 Myhelpdesk | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1) Title or (2) Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the (3) tickettime, (4) ticketfiles, or (5) updateticketlog operations, or (6) via the update section when a ticket is edited. |