Total: 266685 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0067 | 1 Aterm | 1 Aterm | 2024-02-28 | 7.5 HIGH | N/A |
The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2024-02-28 | 2.1 LOW | N/A |
nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | |||||
CVE-2003-1435 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. | |||||
CVE-2004-0156 | 1 Ssmtp | 1 Ssmtp | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2002-2228 | 1 Mailscanner | 1 Mailscanner | 2024-02-28 | 6.4 MEDIUM | N/A |
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | |||||
CVE-2001-0361 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-02-28 | 4.0 MEDIUM | N/A |
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. | |||||
CVE-2002-0583 | 1 Workforceroi | 1 Xpede | 2024-02-28 | 5.0 MEDIUM | N/A |
WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | |||||
CVE-2004-0402 | 2 Mandrakesoft, Xpcd | 2 Mandrake Linux, Xpcd | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code. | |||||
CVE-2002-1634 | 1 Novell | 1 Netware | 2024-02-28 | 5.0 MEDIUM | N/A |
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | |||||
CVE-1999-0309 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
HP-UX vgdisplay program gives root access to local users. | |||||
CVE-2001-0400 | 1 Matt Tourtillott | 1 Nph-maillist | 2024-02-28 | 7.5 HIGH | N/A |
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address. | |||||
CVE-2002-0215 | 1 Steve Kneizys | 1 Agora.cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message. | |||||
CVE-2000-1135 | 1 Debian | 1 Debian Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. | |||||
CVE-2002-0353 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | N/A |
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. | |||||
CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2024-02-28 | 5.1 MEDIUM | N/A |
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | |||||
CVE-1999-1574 | 1 Ibm | 1 Aix | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." | |||||
CVE-1999-1014 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||||
CVE-2003-0304 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2024-02-28 | 10.0 HIGH | N/A |
one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. | |||||
CVE-1999-0195 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |||||
CVE-2004-0190 | 1 Symantec | 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r | 2024-02-28 | 7.5 HIGH | N/A |
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges. | |||||