Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Rhinosoft Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4154 1 Rhinosoft 1 Ftp Voyager 2023-12-10 9.3 HIGH N/A
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2009-4873 1 Rhinosoft 1 Serv-u 2023-12-10 10.0 HIGH N/A
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.
CVE-2007-1079 1 Rhinosoft 1 Ftp Voyager 2023-12-10 7.8 HIGH N/A
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.
CVE-2004-1691 1 Rhinosoft 1 Dns4me 2023-12-10 5.0 MEDIUM N/A
The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.
CVE-2004-1690 1 Rhinosoft 1 Dns4me 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.
CVE-2001-1103 1 Rhinosoft 1 Ftp Voyager 2023-12-10 7.5 HIGH N/A
FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands.
CVE-2004-1939 1 Rhinosoft 1 Zaep Antispam 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.