Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0144 | 1 Scott Parish | 1 Chuid | 2025-04-03 | N/A |
| Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack. | ||||
| CVE-2002-0165 | 2 Logwatch, Redhat | 3 Logwatch, Linux, Powertools | 2025-04-03 | N/A |
| LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162. | ||||
| CVE-2002-1743 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of service (crash) via a malformed .hpf file. | ||||
| CVE-2003-0099 | 1 Apc | 1 Apcupsd | 2025-04-03 | N/A |
| Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. | ||||
| CVE-2002-0176 | 1 Avaya | 1 Libsafe | 2025-04-03 | N/A |
| The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. | ||||
| CVE-2002-1747 | 1 Maxim Krasnyansky | 1 Vtun | 2025-04-03 | N/A |
| Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB. | ||||
| CVE-2003-0100 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. | ||||
| CVE-2004-2398 | 1 Netenberg | 1 Fantastico De Luxe | 2025-04-03 | N/A |
| Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5. | ||||
| CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2025-04-03 | N/A |
| Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | ||||
| CVE-2002-0209 | 1 Nortel | 1 Alteon Acedirector | 2025-04-03 | N/A |
| Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. | ||||
| CVE-2002-0213 | 2 Sgi, Xinet | 2 Irix, K-ashare | 2025-04-03 | N/A |
| xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | ||||
| CVE-2002-0217 | 1 Xoops | 1 Xoops | 2025-04-03 | N/A |
| Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php. | ||||
| CVE-2006-2393 | 1 Empire Server | 1 Empire Server | 2025-04-03 | N/A |
| The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access. | ||||
| CVE-2000-0629 | 1 Sun | 1 Java System Web Server | 2025-04-03 | N/A |
| The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. | ||||
| CVE-2005-4869 | 1 Ibm | 1 Db2 | 2025-04-03 | N/A |
| The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference. | ||||
| CVE-2005-1001 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message. | ||||
| CVE-2006-3595 | 1 Cisco | 1 Router Web Setup | 2025-04-03 | N/A |
| The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190. | ||||
| CVE-2000-0645 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE). | ||||
| CVE-2005-1012 | 1 Iatek | 1 Siteenable | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description. | ||||
| CVE-2006-0741 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." | ||||