Total
9778 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1485 | 1 Clearswift | 1 Mailsweeper | 2023-12-10 | 5.0 MEDIUM | N/A |
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." | |||||
CVE-2002-2314 | 1 Mozilla | 1 Mozilla | 2023-12-10 | 5.0 MEDIUM | N/A |
Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail. | |||||
CVE-2003-0825 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2023-12-10 | 9.3 HIGH | N/A |
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2003-1463 | 2 Alt-n, Microsoft | 2 Webadmin, All Windows | 2023-12-10 | 3.5 LOW | N/A |
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter. | |||||
CVE-2002-2365 | 1 Springer Verlag Berlin Heidelberg | 1 Simple Wais | 2023-12-10 | 10.0 HIGH | N/A |
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. | |||||
CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-1999-0726 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 7.8 HIGH | N/A |
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. | |||||
CVE-2002-2406 | 1 Perception | 1 Liteserve | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request. | |||||
CVE-2003-0368 | 1 Nokia | 1 Ggsn | 2023-12-10 | 5.0 MEDIUM | N/A |
Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option. | |||||
CVE-2002-1663 | 1 Monkey-project | 1 Monkey | 2023-12-10 | 5.0 MEDIUM | N/A |
The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value. | |||||
CVE-2001-1584 | 1 Michael Barretto | 1 Cardboard | 2023-12-10 | 7.5 HIGH | N/A |
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field. | |||||
CVE-1999-1547 | 1 Oracle | 1 Web Listener | 2023-12-10 | 7.5 HIGH | N/A |
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. | |||||
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2023-12-10 | 4.3 MEDIUM | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | |||||
CVE-2000-0380 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | |||||
CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2023-12-10 | 6.4 MEDIUM | N/A |
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response. | |||||
CVE-2002-2393 | 1 Solarwinds | 1 Serv-u File Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. | |||||
CVE-2000-0400 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. | |||||
CVE-2003-1350 | 1 List Site Pro | 1 List Site Pro | 2023-12-10 | 4.3 MEDIUM | N/A |
List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field. | |||||
CVE-2004-1928 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2023-12-10 | 7.5 HIGH | N/A |
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL. |