Total
250879 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0858 | 1 Caldera | 2 Openunix, Unixware | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges. | |||||
CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
CVE-2001-1502 | 1 Mountain Network Systems | 1 Webcart | 2023-12-10 | 7.5 HIGH | N/A |
webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter. | |||||
CVE-2002-2175 | 1 Php | 1 Phpsquidpass | 2023-12-10 | 4.0 MEDIUM | N/A |
phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username. | |||||
CVE-2002-0845 | 1 Iplanet | 1 Iplanet Web Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding. | |||||
CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2023-12-10 | 7.5 HIGH | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | |||||
CVE-1999-0454 | 2023-12-10 | 10.0 HIGH | N/A | ||
A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. | |||||
CVE-2000-0426 | 1 Ultrascripts | 1 Ultraboard | 2023-12-10 | 5.0 MEDIUM | N/A |
UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | |||||
CVE-2001-1285 | 1 Ipswitch | 1 Imail | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. | |||||
CVE-2003-1477 | 2 Clearswift, Microsoft | 2 Mailsweeper For Smtp, All Windows | 2023-12-10 | 7.8 HIGH | N/A |
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects." | |||||
CVE-2003-0832 | 1 Webfs | 1 Webfs | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header. | |||||
CVE-2001-1384 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp. | |||||
CVE-2003-0796 | 1 Sgi | 1 Irix | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled. | |||||
CVE-2004-1723 | 1 Php Fusion | 1 Php Fusion | 2023-12-10 | 5.0 MEDIUM | N/A |
The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message. | |||||
CVE-2000-0564 | 1 Mirabilis | 1 Icq | 2023-12-10 | 5.0 MEDIUM | N/A |
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | |||||
CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2023-12-10 | 5.0 MEDIUM | N/A |
Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | |||||
CVE-1999-1484 | 1 Microsoft | 1 Msn Setup Bulletin Board Services | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. | |||||
CVE-2004-0291 | 1 Yabb | 1 Yabb | 2023-12-10 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter. | |||||
CVE-2003-0046 | 1 Celestial Software | 1 Absolutetelnet | 2023-12-10 | 4.6 MEDIUM | N/A |
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
CVE-2004-0122 | 1 Microsoft | 1 Msn Messenger | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files. |