Total
90726 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0147 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun." | |||||
| CVE-2002-1868 | 1 Daniel Stenberg | 1 Dispair | 2023-12-10 | 10.0 HIGH | N/A |
| Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. | |||||
| CVE-2002-2420 | 1 Independent Solution | 2 Simple Site Searcher, Super Site Searcher | 2023-12-10 | 7.5 HIGH | N/A |
| site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | |||||
| CVE-2002-0233 | 1 Eshare Communications Inc. | 1 Eshare Expressions | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in eshare Expressions 4 Web server allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
| CVE-2001-1448 | 1 Magic | 1 Edeveloper | 2023-12-10 | 4.6 MEDIUM | N/A |
| Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts. | |||||
| CVE-2004-0255 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow. | |||||
| CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2023-12-10 | 4.6 MEDIUM | N/A |
| pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
| CVE-2001-0905 | 1 Procmail | 1 Procmail | 2023-12-10 | 6.2 MEDIUM | N/A |
| Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running. | |||||
| CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | |||||
| CVE-2000-0464 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.6 HIGH | N/A |
| Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. | |||||
| CVE-2002-0155 | 1 Microsoft | 3 Msn Chat Control, Msn Messenger, Msn Messenger Service For Exchange | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX. | |||||
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2023-12-10 | 5.0 MEDIUM | N/A |
| The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | |||||
| CVE-2004-1728 | 1 British National Corpus | 1 Sara | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | |||||
| CVE-2003-0248 | 1 Redhat | 1 Linux | 2023-12-10 | 10.0 HIGH | N/A |
| The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | |||||
| CVE-2004-1339 | 1 Oracle | 2 Database Server, Oracle9i | 2023-12-10 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters. | |||||
| CVE-2002-0631 | 1 Sgi | 1 Irix | 2023-12-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. | |||||
| CVE-2004-0039 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI. | |||||
| CVE-2004-2113 | 1 Herberlin | 1 Bremsserver | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2001-1295 | 1 Grant Averett | 1 Cerberus Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. | |||||
| CVE-2003-1140 | 1 Musicqueue | 1 Musicqueue | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file. | |||||