CVE alerts
45 alerts in this category.
Threat alerts that map to a registered CVE entry. Each carries severity, exploitation status, affected products, and a direct path to the vendor patch.
Critical Vulnerability: CVE-2002-1798 — midicart — midicart_php, midicart_php_maxi
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admi
midicartCVE-2002-1798Critical Vulnerability: CVE-2002-1816 — redshift — atphttpd
Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
redshiftCVE-2002-1816Critical Vulnerability: CVE-2002-1820 — ultimate_php_board_project — ultimate_php_board
register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account n
ultimate_php_board_projectCVE-2002-1820Critical Vulnerability: CVE-2002-1347 — cyrusimap, apple — cyrus_sasl, mac_os_x
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonical
cyrusimap, appleCVE-2002-1347Critical Vulnerability: CVE-2002-0391 — freebsd, openbsd — freebsd, openbsd
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by
freebsd, openbsdCVE-2002-0391Critical Vulnerability: CVE-2002-0639 — openbsd — openssh
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using
openbsdCVE-2002-0639Critical Vulnerability: CVE-2002-0671 — pingtel — xpressa_firmware, xpressa
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attacker
pingtelCVE-2002-0671Critical Vulnerability: CVE-2002-0059 — zlib — zlib
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow l
zlibCVE-2002-0059Critical Vulnerability: CVE-2002-0083 — immunix, mandrakesoft — immunix, mandrake_single_network_firewall
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
immunix, mandrakesoftCVE-2002-0083Critical Vulnerability: CVE-2001-1125 — symantec — liveupdate
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com
symantecCVE-2001-1125Critical Vulnerability: CVE-2001-0766 — apache, apple — http_server, mac_os_x
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
apache, appleCVE-2001-0766Critical Vulnerability: CVE-2001-1481 — xitami — xitami
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.
xitamiCVE-2001-1481Critical Vulnerability: CVE-2001-1496 — acme — thttpd
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
acmeCVE-2001-1496Critical Vulnerability: CVE-2001-1155 — freebsd — freebsd
TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass i
freebsdCVE-2001-1155Critical Vulnerability: CVE-2001-0967 — arkeia — arkeia
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password gu
arkeiaCVE-2001-0967Critical Vulnerability: CVE-2001-0609 — infodrom — cfingerd
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
infodromCVE-2001-0609Critical Vulnerability: CVE-2001-0395 — lightwavemo — consoleserver_3200_firmware, consoleserver_3200
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing.
lightwavemoCVE-2001-0395Critical Vulnerability: CVE-2001-1291 — 3com — superstack_ii_ps_hub_40_firmware, superstack_ii_ps_hub_40
The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the serv
3comCVE-2001-1291Critical Vulnerability: CVE-2001-1339 — anybus — ipc\@chip_firmware, ipc\@chip
Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote attackers to conduct brute force password gue
anybusCVE-2001-1339Critical Vulnerability: CVE-2001-0248 — hp, sgi — hp-ux, irix
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
hp, sgiCVE-2001-0248Critical Vulnerability: CVE-2001-0249 — hp, oracle — hp-ux, solaris
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
hp, oracleCVE-2001-0249Critical Vulnerability: CVE-2000-0944 — cgi — script_center_news_update
CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without
cgiCVE-2000-0944Critical Vulnerability: CVE-2000-1218 — microsoft — windows_2000, windows_98
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts tha
microsoftCVE-2000-1218Critical Vulnerability: CVE-1999-1324 — hp — openvms_vax
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which ma
hpCVE-1999-1324Critical Vulnerability: CVE-1999-1588 — sun — solaris
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka Syst
sunCVE-1999-1588Critical Vulnerability: CVE-1999-0426 — suse — suse_linux
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
suseCVE-1999-0426Critical Vulnerability: CVE-1999-0006 — qualcomm — qpopper
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
qualcommCVE-1999-0006Critical Vulnerability: CVE-1999-0066 — john_s._roberts — anyform
CVE-1999-0066 is a Critical-severity vulnerability tracked under the Common Vulnerabilities and Exposures program. It affects john_s._roberts anyform, and was added to the public CVE feed for security
john_s._robertsCVE-1999-0066Critical Vulnerability: CVE-1999-0043 — isc, netscape — inn, news_server
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
isc, netscapeCVE-1999-0043Critical Vulnerability: CVE-1999-0511 — microsoft — windows_2000, windows_nt
IP forwarding is enabled on a machine which is not a router or firewall.
microsoftCVE-1999-0511Critical Vulnerability: CVE-2005-2773 — hp — openview_network_node_manager
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3)
hpCVE-2005-2773Critical Vulnerability: CVE-2005-2103 — gaim_project — gaim
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a l
gaim_projectCVE-2005-2103Critical Vulnerability: CVE-2005-1689 — mit, apple — kerberos_5, mac_os_x
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
mit, appleCVE-2005-1689Critical Vulnerability: CVE-2005-1744 — bea — weblogic_server
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without hav
beaCVE-2005-1744Critical Vulnerability: CVE-2005-1513 — qmail_project, canonical — qmail, ubuntu_linux
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly
qmail_project, canonicalCVE-2005-1513Critical Vulnerability: CVE-2005-0269 — sir — gnuboard
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that incl
sirCVE-2005-0269Critical Vulnerability: CVE-2005-0199 — barton — ngircd
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a
bartonCVE-2005-0199Critical Vulnerability: CVE-2005-1141 — optical_character_recognition_project — optical_character_recognition
Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi
optical_character_recognition_projectCVE-2005-1141Critical Vulnerability: CVE-2005-0408 — citrusdb — citrusdb
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating th
citrusdbCVE-2005-0408Critical Vulnerability: CVE-2005-0496 — arkeia — network_backup
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
arkeiaCVE-2005-0496Critical Vulnerability: CVE-2005-0102 — gnome, debian — evolution, debian_linux
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte
gnome, debianCVE-2005-0102Critical Vulnerability: CVE-2004-2214 — mbedthis — appweb_http_server
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters.
mbedthisCVE-2004-2214Critical Vulnerability: CVE-2004-2154 — apple, canonical — cups, ubuntu_linux
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are
apple, canonicalCVE-2004-2154Critical RCE in Apache HTTP Server (CVE-2024-38474) Allows Full System Takeover
A critical remote code execution vulnerability in Apache HTTP Server 2.4.59 and earlier allows unauthenticated attackers to execute arbitrary code via crafted requests to mod_rewrite.
Apache Software FoundationCVE-2024-38474High Severity Format String Vulnerability in Fortinet FortiOS (CVE-2024-23113)
Fortinet FortiOS fgfmd daemon contains a format string vulnerability allowing remote unauthenticated attackers to execute arbitrary code via specially crafted requests.
FortinetCVE-2024-23113
Get alerts that match YOUR environment
This page shows everything in the category. Vulnios narrows it down to alerts that affect your actual asset inventory — only the CVEs you need to act on.
Start a free scan