Total
90914 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0011 | 1 Debian | 1 Fsp | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. | |||||
CVE-2002-0408 | 1 Lotus | 1 Domino | 2023-12-10 | 5.0 MEDIUM | N/A |
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message. | |||||
CVE-2002-0968 | 1 Analogx | 1 Simpleserver Www | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name. | |||||
CVE-2003-0610 | 1 Mcafee | 1 Epolicy Orchestrator | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | |||||
CVE-2002-2174 | 1 Software602 | 1 602pro Lan Suite | 2023-12-10 | 5.0 MEDIUM | N/A |
The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to the local host, which allows remote attackers to create a denial of service (memory consumption) via a large number of connections. | |||||
CVE-2000-0084 | 1 Globalscape | 1 Cuteftp | 2023-12-10 | 5.0 MEDIUM | N/A |
CuteFTP uses weak encryption to store password information in its tree.dat file. | |||||
CVE-2004-2016 | 1 Netchat | 1 Subnet Chat Application | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. | |||||
CVE-2000-0479 | 1 Shadow Op Software | 1 Dragon Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Dragon FTP server allows remote attackers to cause a denial of service via a long USER command. | |||||
CVE-2001-0922 | 1 Sun | 1 Netdynamics | 2023-12-10 | 7.5 HIGH | N/A |
ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | |||||
CVE-2002-0544 | 1 Aprelium Technologies | 1 Abyss Web Server | 2023-12-10 | 7.2 HIGH | N/A |
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges. | |||||
CVE-1999-1356 | 1 Compaq | 1 Smartstart | 2023-12-10 | 4.6 MEDIUM | N/A |
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy. | |||||
CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2023-12-10 | 5.0 MEDIUM | N/A |
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
CVE-2002-2183 | 1 Phpshare | 1 Phpshare | 2023-12-10 | 7.5 HIGH | N/A |
phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers. | |||||
CVE-2003-0824 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. | |||||
CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | |||||
CVE-2004-2024 | 1 Zen Cart | 1 Zen Cart | 2023-12-10 | 7.5 HIGH | N/A |
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | |||||
CVE-2003-0851 | 2 Cisco, Openssl | 5 Css11000 Content Services Switch, Ios, Pix Firewall and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | |||||
CVE-1999-0272 | 1 Slmail | 1 Slmail | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in Slmail v2.5 through the POP3 port. | |||||
CVE-1999-0066 | 1 John S. Roberts | 1 Anyform | 2023-12-10 | 7.5 HIGH | N/A |
AnyForm CGI remote execution. | |||||
CVE-2003-1304 | 1 Early Impact | 1 Productcart | 2023-12-10 | 5.0 MEDIUM | N/A |
EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. |