Vulnerabilities (CVE)

Total 248591 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0779 1 Digium 1 Asterisk 2023-12-10 7.5 HIGH N/A
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
CVE-2001-0313 1 Borderware 1 Firewall Server 2023-12-10 5.0 MEDIUM N/A
Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server to continuously send pings (echo requests) to the network.
CVE-2003-0134 1 Apache 1 Http Server 2023-12-10 5.0 MEDIUM N/A
Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
CVE-2004-1077 1 Citrix 2 Metaframe Client, Program Neighborhood Agent 2023-12-10 5.0 MEDIUM N/A
Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive.
CVE-2001-0188 1 Goodtech 2 Ftp Server 95 98, Ftp Server Nt 2000 2023-12-10 5.0 MEDIUM N/A
GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash.
CVE-1999-0398 1 Ssh 2 Ssh, Ssh2 2023-12-10 4.6 MEDIUM N/A
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-2002-0538 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2023-12-10 7.5 HIGH N/A
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
CVE-2004-0390 1 Sco 1 Openserver 2023-12-10 7.5 HIGH N/A
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
CVE-2000-0711 2 Microsoft, Netscape 2 Virtual Machine, Communicator 2023-12-10 7.5 HIGH N/A
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
CVE-2003-0949 1 Michael Bischoff 1 Xsok 2023-12-10 4.6 MEDIUM N/A
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
CVE-1999-0982 1 Sun 2 Solaris, Web-based Enterprise Management 2023-12-10 7.2 HIGH N/A
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
CVE-2003-1128 1 X2 Studios 1 Xmms Remote 2023-12-10 7.5 HIGH N/A
XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086.
CVE-2004-0056 1 Nortel 3 802.11 Wireless Ip Gateway, Business Communications Manager, Succession Communication Server 1000 2023-12-10 7.5 HIGH N/A
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVE-2000-0223 1 Sam Hawker 1 Wmcdplay 2023-12-10 7.2 HIGH N/A
Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.
CVE-2001-0778 1 Omnicron 1 Omnihttpd 2023-12-10 5.0 MEDIUM N/A
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20).
CVE-2003-1177 1 Atrium Software 1 Mercur Mailserver 2023-12-10 7.5 HIGH N/A
Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server.
CVE-2001-0826 1 Aclogic 1 Cesarftp 2023-12-10 7.5 HIGH N/A
Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD.
CVE-2003-0286 1 Snitz Communications 1 Snitz Forums 2000 2023-12-10 7.5 HIGH N/A
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.
CVE-2000-1038 1 Ibm 1 As400 Firewall 2023-12-10 5.0 MEDIUM N/A
The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request.
CVE-2000-0248 1 Redhat 1 Linux 2023-12-10 10.0 HIGH N/A
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.