Total: 91375 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1096 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2023-12-10 | 7.5 HIGH | N/A |
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code. | |||||
CVE-2004-1975 | 1 Php Arena | 1 Pafiledb | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551. | |||||
CVE-2001-0889 | 2 Redhat, University Of Cambridge | 2 Linux, Exim | 2023-12-10 | 7.5 HIGH | N/A |
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2000-0785 | 1 Wircsrv | 1 Irc Server | 2023-12-10 | 5.0 MEDIUM | N/A |
WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file. | |||||
CVE-2002-1024 | 1 Cisco | 4 Catos, Css11000 Content Services Switch, Ios and 1 more | 2023-12-10 | 7.1 HIGH | N/A |
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). | |||||
CVE-2001-0318 | 1 Proftpd Project | 1 Proftpd | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | |||||
CVE-2002-1105 | 1 Cisco | 1 Vpn Client | 2023-12-10 | 4.6 MEDIUM | N/A |
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password. | |||||
CVE-2003-0455 | 1 Imagemagick | 1 Libmagick Library | 2023-12-10 | 4.6 MEDIUM | N/A |
The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files. | |||||
CVE-2000-1195 | 1 Caldera | 2 Openlinux Edesktop, Openlinux Eserver | 2023-12-10 | 7.5 HIGH | N/A |
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | |||||
CVE-2002-0334 | 1 Xtell | 1 Xtell | 2023-12-10 | 2.1 LOW | N/A |
xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | |||||
CVE-1999-1400 | 1 The Economist | 1 The Economist 1999 Screen Saver | 2023-12-10 | 2.1 LOW | N/A |
The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked. | |||||
CVE-2004-0288 | 1 Mnogosearch | 1 Mnogosearch | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document. | |||||
CVE-2002-1958 | 1 Kmmail | 1 Kmmail | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field. | |||||
CVE-1999-1159 | 1 Ssh | 1 Ssh2 | 2023-12-10 | 4.6 MEDIUM | N/A |
SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root. | |||||
CVE-2001-1202 | 1 Delegate | 1 Delegate | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | |||||
CVE-2003-0262 | 1 Leksbot | 1 Leksbot | 2023-12-10 | 7.2 HIGH | N/A |
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have. | |||||
CVE-2003-1056 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2001-1549 | 1 Tiny Software | 1 Tiny Personal Firewall | 2023-12-10 | 2.1 LOW | N/A |
Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. | |||||
CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | |||||
CVE-2000-0004 | 1 Zbsoft | 1 Zbserver | 2023-12-10 | 5.0 MEDIUM | N/A |
ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL. | |||||