Total
247119 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2256 | 1 Pwins | 1 Pwins | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters. | |||||
CVE-2001-0529 | 1 Openbsd | 1 Openssh | 2023-12-10 | 7.2 HIGH | N/A |
OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. | |||||
CVE-2004-1930 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie. | |||||
CVE-2000-0893 | 1 Sgi | 1 Irix | 2023-12-10 | 5.0 MEDIUM | N/A |
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. | |||||
CVE-1999-0185 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.5 HIGH | N/A |
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. | |||||
CVE-2004-0096 | 1 Apache | 1 Mod Python | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. | |||||
CVE-2004-2161 | 1 Tutos | 1 Tutos | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | |||||
CVE-2004-1818 | 1 Warpspeed | 1 4nalbum Module | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary script as other users by injecting arbitrary script into the z parameter. | |||||
CVE-2003-1208 | 1 Oracle | 1 Oracle9i | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions. | |||||
CVE-1999-0364 | 2 Fms Inc., Microsoft | 2 Total Vb Sourcebook, Access | 2023-12-10 | 10.0 HIGH | N/A |
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. | |||||
CVE-2004-1565 | 1 W-agora | 1 W-agora | 2023-12-10 | 5.0 MEDIUM | N/A |
list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter. | |||||
CVE-2001-0296 | 1 Texas Imperial Software | 1 Wftpd Pro | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command. | |||||
CVE-1999-0613 | 2023-12-10 | N/A | N/A | ||
The rpc.sprayd service is running. | |||||
CVE-2001-1229 | 2 Icecast, Libshout | 2 Icecast, Libshout | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | |||||
CVE-2004-0331 | 1 Dell | 1 Openmanage | 2023-12-10 | 5.0 MEDIUM | N/A |
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable. | |||||
CVE-2003-0337 | 1 Platform | 1 Lsadmin | 2023-12-10 | 4.6 MEDIUM | N/A |
The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to point to a malicious lim program, which lsadmin then executes. | |||||
CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 6.2 MEDIUM | N/A |
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | |||||
CVE-2004-2230 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 2.1 LOW | N/A |
Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | |||||
CVE-2002-1508 | 1 Openldap | 1 Openldap | 2023-12-10 | 1.2 LOW | N/A |
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. | |||||
CVE-2002-0299 | 1 Cnet | 1 Catchup | 2023-12-10 | 7.6 HIGH | N/A |
CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan. |