Total: 247739 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1383 | 1 Logicworks | 1 Web Erp | 2023-12-10 | 7.5 HIGH | N/A |
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password. | |||||
CVE-2000-1098 | 1 Sonicwall | 1 Soho Firewall | 2023-12-10 | 5.0 MEDIUM | N/A |
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. | |||||
CVE-2002-2144 | 1 Free Peers | 1 Bearshare | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters. | |||||
CVE-2002-0160 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002. | |||||
CVE-2000-0906 | 1 Moreover.com | 1 Cached Feed.cgi Script | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters. | |||||
CVE-2002-2234 | 1 Netscreen | 1 Screenos | 2023-12-10 | 4.3 MEDIUM | N/A |
NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. | |||||
CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 5.0 MEDIUM | N/A |
The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | |||||
CVE-2002-1659 | 1 Iatek | 1 Portalapp | 2023-12-10 | 10.0 HIGH | N/A |
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable. | |||||
CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2023-12-10 | 1.2 LOW | N/A |
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | |||||
CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2023-12-10 | 5.0 MEDIUM | N/A |
The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | |||||
CVE-2002-1048 | 1 Hp | 1 Jetdirect | 2023-12-10 | 7.5 HIGH | N/A |
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0). | |||||
CVE-2000-0873 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||
CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2023-12-10 | 5.0 MEDIUM | N/A |
SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | |||||
CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | |||||
CVE-2000-0392 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. | |||||
CVE-2002-1120 | 1 Savant | 1 Savant Web Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2000-0490 | 1 Netwin | 1 Dmail | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request. | |||||
CVE-2002-1393 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | |||||
CVE-2002-1378 | 1 Openldap | 1 Openldap | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. |