Filtered by vendor Ipswitch
Subscribe
Total
125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2601 | 1 Ipswitch | 1 Whatsup Gold | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter. | |||||
| CVE-2011-4722 | 1 Ipswitch | 1 Tftp Server | 2017-08-28 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. | |||||
| CVE-2011-1430 | 1 Ipswitch | 1 Imail | 2017-08-16 | 6.8 MEDIUM | N/A |
| The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. | |||||
| CVE-2007-4555 | 1 Ipswitch | 1 Ws Ftp | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to create a new admin account. | |||||
| CVE-2007-4345 | 1 Ipswitch | 2 Imail Client, Imail Server | 2017-07-28 | 7.5 HIGH | N/A |
| Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail Server 2006.22, allows remote attackers to execute arbitrary code via a long boundary parameter in a multipart MIME e-mail message. | |||||
| CVE-2007-3925 | 1 Ipswitch | 2 Imail Server, Ipswitch Collaboration Suite | 2017-07-28 | 6.5 MEDIUM | N/A |
| Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command. | |||||
| CVE-2007-3927 | 1 Ipswitch | 2 Imail Server, Ipswitch Collaboration Suite | 2017-07-28 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscribe." | |||||
| CVE-2007-3823 | 1 Ipswitch | 1 Ws Ftp | 2017-07-28 | 7.8 HIGH | N/A |
| The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp. | |||||
| CVE-2006-2353 | 1 Ipswitch | 1 Whatsup Professional | 2017-07-19 | 5.0 MEDIUM | N/A |
| NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters. | |||||
| CVE-2006-2354 | 1 Ipswitch | 1 Whatsup Professional | 2017-07-19 | 5.0 MEDIUM | N/A |
| NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-2355 | 1 Ipswitch | 1 Whatsup Professional | 2017-07-19 | 5.0 MEDIUM | N/A |
| Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote attackers to obtain full path information via 404 error messages. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-2357 | 1 Ipswitch | 1 Whatsup Professional | 2017-07-19 | 5.0 MEDIUM | N/A |
| Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp. | |||||
| CVE-2006-2351 | 1 Ipswitch | 1 Whatsup Professional | 2017-07-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp. | |||||
| CVE-2006-2352 | 1 Ipswitch | 1 Whatsup Professional | 2017-07-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1939 | 1 Ipswitch | 1 Whatsup Small Business | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in a request to the Report service (TCP 8022). | |||||
| CVE-2005-0707 | 1 Ipswitch | 1 Ipswitch Collaboration Suite | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. | |||||
| CVE-2004-2422 | 1 Ipswitch | 1 Imail | 2017-07-10 | 5.0 MEDIUM | N/A |
| Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. | |||||
| CVE-2004-1520 | 1 Ipswitch | 1 Imail | 2017-07-10 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. | |||||
| CVE-2004-2401 | 1 Ipswitch | 1 Imail Express | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Ipswitch IMail Express Web Messaging before 8.05 might allow remote attackers to execute arbitrary code via an HTML message with long "tag text." | |||||
| CVE-2004-2423 | 1 Ipswitch | 1 Imail | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content." | |||||