Total
265808 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1466 | 1 Cafelog | 1 B2 | 2024-02-28 | 10.0 HIGH | N/A |
| CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable. | |||||
| CVE-2002-1384 | 2 Easy Software Products, Xpdf | 2 Cups, Xpdf | 2024-02-28 | 7.2 HIGH | N/A |
| Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | |||||
| CVE-1999-1183 | 1 Sgi | 1 Irix | 2024-02-28 | 7.6 HIGH | N/A |
| System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type. | |||||
| CVE-2003-0067 | 1 Aterm | 1 Aterm | 2024-02-28 | 7.5 HIGH | N/A |
| The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
| CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2024-02-28 | 2.1 LOW | N/A |
| nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | |||||
| CVE-2003-1435 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. | |||||
| CVE-2004-0156 | 1 Ssmtp | 1 Ssmtp | 2024-02-28 | 5.0 MEDIUM | N/A |
| Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-2228 | 1 Mailscanner | 1 Mailscanner | 2024-02-28 | 6.4 MEDIUM | N/A |
| MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | |||||
| CVE-2001-0361 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-02-28 | 4.0 MEDIUM | N/A |
| Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. | |||||
| CVE-2002-0583 | 1 Workforceroi | 1 Xpede | 2024-02-28 | 5.0 MEDIUM | N/A |
| WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | |||||
| CVE-2004-0402 | 2 Mandrakesoft, Xpcd | 2 Mandrake Linux, Xpcd | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code. | |||||
| CVE-2002-1634 | 1 Novell | 1 Netware | 2024-02-28 | 5.0 MEDIUM | N/A |
| Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | |||||
| CVE-1999-0309 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| HP-UX vgdisplay program gives root access to local users. | |||||
| CVE-2001-0400 | 1 Matt Tourtillott | 1 Nph-maillist | 2024-02-28 | 7.5 HIGH | N/A |
| nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address. | |||||
| CVE-2002-0215 | 1 Steve Kneizys | 1 Agora.cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
| Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message. | |||||
| CVE-2000-1135 | 1 Debian | 1 Debian Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
| fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2002-0353 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | N/A |
| The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. | |||||
| CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2024-02-28 | 5.1 MEDIUM | N/A |
| Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | |||||
| CVE-1999-1574 | 1 Ibm | 1 Aix | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." | |||||
| CVE-1999-1014 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||||