Total
266682 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0441 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. | |||||
CVE-2002-1540 | 1 Symantec | 1 Norton Antivirus | 2024-02-28 | 7.2 HIGH | N/A |
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32. | |||||
CVE-2004-0321 | 1 Singularity Software | 1 Team Factor | 2024-02-28 | 5.0 MEDIUM | N/A |
Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory. | |||||
CVE-2002-0236 | 1 Lucent | 5 Vitalanalysis, Vitalevent, Vitalhelp and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user. | |||||
CVE-2002-0686 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter. | |||||
CVE-2003-0933 | 1 Conquest | 1 Conquest | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable. | |||||
CVE-1999-1217 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories. | |||||
CVE-2000-0286 | 1 Redhat | 1 Linux | 2024-02-28 | 2.1 LOW | N/A |
X fontserver xfs allows local users to cause a denial of service via malformed input to the server. | |||||
CVE-2001-1471 | 1 Phpbb | 1 Phpbb | 2024-02-28 | 4.6 MEDIUM | 8.8 HIGH |
prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be modified by the user and later used in an eval statement. | |||||
CVE-2004-1584 | 1 Wordpress | 1 Wordpress | 2024-02-28 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter. | |||||
CVE-2002-1456 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. | |||||
CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | |||||
CVE-2003-0992 | 1 Gnu | 1 Mailman | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | |||||
CVE-1999-0717 | 1 Microsoft | 5 Excel, Windows 2000, Windows 95 and 2 more | 2024-02-28 | 2.6 LOW | N/A |
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | |||||
CVE-2002-1977 | 1 Pgp | 1 Pgp | 2024-02-28 | 2.1 LOW | N/A |
Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase. | |||||
CVE-2001-0922 | 1 Sun | 1 Netdynamics | 2024-02-28 | 7.5 HIGH | N/A |
ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | |||||
CVE-2001-0569 | 1 Zope | 1 Zope | 2024-02-28 | 2.1 LOW | N/A |
Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet. | |||||
CVE-2004-2117 | 1 Tinyserver | 1 Tinyserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version. | |||||
CVE-2000-0592 | 1 Sapporoworks | 1 Sapporoworks Winproxy | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands. | |||||
CVE-2001-0691 | 1 University Of Washington | 1 Imapd | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations. |