Max CVSS 10.0 Min CVSS 4.6 Total Count21
IDCVSSSummaryLast (major) updatePublished
CVE-2018-17553 6.5
An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../..
03-10-2018 - 16:29 03-10-2018 - 16:29
CVE-2018-17552 7.5
SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie.
03-10-2018 - 16:29 03-10-2018 - 16:29
CVE-2017-1000083 6.8
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option su
05-09-2017 - 02:29 05-09-2017 - 02:29
CVE-2017-9791 7.5
The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
10-07-2017 - 12:29 10-07-2017 - 12:29
CVE-2003-0818 7.5
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encod
17-10-2016 - 22:37 03-03-2004 - 00:00
CVE-2003-0471 7.5
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0213 7.5
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0027 5.0
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2002-1123 7.5
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2010-4221 10.0
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
14-09-2011 - 23:18 09-11-2010 - 16:00
CVE-2010-3867 7.1
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequence
14-09-2011 - 23:17 09-11-2010 - 16:00
CVE-2005-2611 10.0
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which
07-03-2011 - 21:24 17-08-2005 - 00:00
CVE-2005-1213 7.5
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
10-09-2008 - 15:38 14-06-2005 - 00:00
CVE-1999-0526 10.0
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
09-09-2008 - 08:34 01-07-1997 - 00:00
CVE-1999-0504 7.5
A Windows NT local user or administrator account has a default, null, blank, or missing password.
09-09-2008 - 08:34 01-01-1997 - 00:00
CVE-1999-0502 7.5
A Unix account has a default, null, blank, or missing password.
09-09-2008 - 08:34 01-03-1998 - 00:00
CVE-2005-1415 10.0
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.
05-09-2008 - 16:49 03-05-2005 - 00:00
CVE-2002-1643 7.5
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two
05-09-2008 - 16:31 19-12-2002 - 00:00
CVE-2002-1473 4.6
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:30 22-04-2003 - 00:00
CVE-2002-1120 7.5
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
05-09-2008 - 16:29 24-09-2002 - 00:00
CVE-1999-0651 7.5
The rsh/rlogin service is running.
20-10-2005 - 00:00 01-01-1999 - 00:00
Back to Top Mark selected
Back to Top