Total
247249 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0650 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
CVE-2004-1610 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2023-12-10 | 7.5 HIGH | N/A |
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables. | |||||
CVE-1999-1479 | 1 Matt Wright | 1 Textcounter | 2023-12-10 | 10.0 HIGH | N/A |
The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 7 Linux, Debian Linux, Freebsd and 4 more | 2023-12-10 | 7.2 HIGH | N/A |
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||||
CVE-2002-1744 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot). | |||||
CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | |||||
CVE-2002-1392 | 1 Gert Doering | 1 Mgetty | 2023-12-10 | 2.1 LOW | N/A |
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | |||||
CVE-2003-0775 | 1 Sane | 2 Sane, Sane-backend | 2023-12-10 | 5.0 MEDIUM | N/A |
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash). | |||||
CVE-2002-0877 | 1 Evolvable Corporation | 1 Shambala Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands. | |||||
CVE-2002-0755 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. | |||||
CVE-2004-1615 | 1 Opera | 1 Opera Browser | 2023-12-10 | 2.6 LOW | N/A |
Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme. | |||||
CVE-2001-0372 | 1 Akopia | 1 Akopia Interchange | 2023-12-10 | 10.0 HIGH | N/A |
Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores (1) barry, (2) basic, or (3) construct. | |||||
CVE-2002-0198 | 1 Paul L Daniels | 2 Inflex, Ripmime | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename. | |||||
CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2023-12-10 | 7.5 HIGH | N/A |
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | |||||
CVE-2002-0296 | 1 Tarantella | 1 Tarantella Enterprise | 2023-12-10 | 1.2 LOW | N/A |
The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file. | |||||
CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2023-12-10 | 10.0 HIGH | N/A |
ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | |||||
CVE-2003-0213 | 1 Poptop | 1 Pptp Server | 2023-12-10 | 7.5 HIGH | N/A |
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow. | |||||
CVE-2002-1877 | 1 Netgear | 1 Fm114p | 2023-12-10 | 7.5 HIGH | N/A |
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname. | |||||
CVE-2004-0612 | 1 Zonelabs | 1 Zonealarm | 2023-12-10 | 5.1 MEDIUM | N/A |
The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification. | |||||
CVE-2002-0071 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. |