Total
251334 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0561 | 2023-12-10 | 10.0 HIGH | N/A | ||
IIS has the #exec function enabled for Server Side Include (SSI) files. | |||||
CVE-2001-1184 | 1 Denicomp | 1 Winsock Rshd Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024. | |||||
CVE-2000-0679 | 1 Cvs | 1 Cvs | 2023-12-10 | 2.1 LOW | N/A |
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files. | |||||
CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
CVE-2004-1682 | 1 Qnx | 1 Rtp | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command. | |||||
CVE-1999-0326 | 1 Hp | 1 Hp-ux | 2023-12-10 | 4.6 MEDIUM | N/A |
Vulnerability in HP-UX mediainit program. | |||||
CVE-2004-2148 | 1 Slava Astashonok | 1 Fprobe | 2023-12-10 | 7.2 HIGH | N/A |
Unknown local vulnerability in the "change user" feature of Slava Astashonok Fprobe 1.0.5 and earlier has unknown impact and attack vectors. | |||||
CVE-1999-0116 | 1 Ibm | 2 Aix, Sng | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. | |||||
CVE-2002-0717 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed. | |||||
CVE-2002-1896 | 1 Alsaplayer | 1 Alsaplayer | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument. | |||||
CVE-2004-0828 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files. | |||||
CVE-2002-0222 | 1 Etype | 1 Eserv | 2023-12-10 | 7.5 HIGH | N/A |
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | |||||
CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2023-12-10 | 2.1 LOW | N/A |
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | |||||
CVE-2000-0111 | 1 Avt | 1 Rightfax | 2023-12-10 | 7.5 HIGH | N/A |
The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions. | |||||
CVE-1999-1475 | 1 Proftpd Project | 1 Proftpd | 2023-12-10 | 4.6 MEDIUM | N/A |
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command. | |||||
CVE-2004-2188 | 1 Dmxready | 1 Dmxready Site Chassis Manager | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
CVE-2003-0685 | 1 Netris | 1 Netris | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response. | |||||
CVE-2004-1551 | 1 Php Arena | 1 Pafiledb | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter. | |||||
CVE-2002-1262 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files. |