Total
28647 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0112 | 1 Debian | 1 Debian Linux | 2023-12-10 | 7.2 HIGH | N/A |
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. | |||||
CVE-1999-0588 | 2023-12-10 | 7.5 HIGH | N/A | ||
A filter in a router or firewall allows unusual fragmented packets. | |||||
CVE-2003-0962 | 4 Andrew Tridgell, Engardelinux, Redhat and 1 more | 5 Rsync, Secure Community, Secure Linux and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | |||||
CVE-2001-0309 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
CVE-2002-0903 | 1 Woltlab | 1 Burning Board | 2023-12-10 | 7.5 HIGH | N/A |
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value. | |||||
CVE-2001-1242 | 1 Steve Grimm | 1 Un-cgi | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form. | |||||
CVE-2004-0577 | 1 Qbik | 1 Wingate | 2023-12-10 | 5.0 MEDIUM | N/A |
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory. | |||||
CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | |||||
CVE-2004-2202 | 1 Duware | 1 Duclassified | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form. | |||||
CVE-2003-0502 | 1 Apple | 1 Darwin Streaming Server | 2023-12-10 | 10.0 HIGH | N/A |
Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421. | |||||
CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2023-12-10 | 5.0 MEDIUM | N/A |
Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | |||||
CVE-2004-0738 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to execute arbitrary SQL via the (1) min or (2) categ parameters. | |||||
CVE-1999-1007 | 1 Vdonet | 1 Vdolive Player | 2023-12-10 | 7.6 HIGH | N/A |
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file. | |||||
CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
CVE-2001-0772 | 1 Hp | 1 Hp-ux | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. | |||||
CVE-2003-0093 | 1 Lbl | 1 Tcpdump | 2023-12-10 | 5.0 MEDIUM | N/A |
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. | |||||
CVE-2002-0467 | 2 Ecartis, Listar | 2 Ecartis, Listar | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c. | |||||
CVE-2001-0471 | 1 Ssh | 1 Ssh | 2023-12-10 | 7.5 HIGH | N/A |
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. | |||||
CVE-1999-1456 | 1 Thttpd | 1 Thttpd Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. | |||||
CVE-2001-1046 | 1 Qualcomm | 1 Qpopper | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username. |