Total
265894 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0239 | 1 Hanterm | 1 Hanterm | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument. | |||||
CVE-1999-0903 | 1 Ibm | 1 Aix | 2024-02-28 | 7.5 HIGH | N/A |
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. | |||||
CVE-1999-1498 | 1 Slackware | 1 Slackware Linux | 2024-02-28 | 3.6 LOW | N/A |
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file. | |||||
CVE-2004-0664 | 1 Powerportal | 1 Powerportal | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter. | |||||
CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
CVE-2002-2191 | 1 Lotus | 1 Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. | |||||
CVE-2003-0702 | 1 Iss | 1 Realsecure Server Sensor | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. | |||||
CVE-2002-0240 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. | |||||
CVE-2000-0786 | 1 Gnu | 1 Userv | 2024-02-28 | 4.6 MEDIUM | N/A |
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions. | |||||
CVE-2004-0675 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command. | |||||
CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. | |||||
CVE-2003-1053 | 1 Xshisen | 1 Xshisen | 2024-02-28 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable. | |||||
CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | |||||
CVE-1999-1456 | 1 Thttpd | 1 Thttpd Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. | |||||
CVE-2002-0227 | 2 Kde, Kicq | 2 Kde, Kicq | 2024-02-28 | 5.0 MEDIUM | N/A |
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | |||||
CVE-2001-0001 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 7.5 HIGH | N/A |
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie. | |||||
CVE-2003-1274 | 1 Nullsoft | 1 Winamp | 2024-02-28 | 5.0 MEDIUM | N/A |
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. | |||||
CVE-1999-0865 | 1 Stalker | 1 Communigate Pro | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port. | |||||
CVE-2002-0433 | 1 Pi3 | 1 Pi3web | 2024-02-28 | 5.0 MEDIUM | N/A |
Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character. | |||||
CVE-2002-1421 | 1 Ilia Alshanetsky | 1 Fudforum | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. |