Total
250637 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2258 | 1 Hummingbird | 1 Exceed | 2023-12-10 | 2.1 LOW | N/A |
Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab. | |||||
CVE-2004-0910 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0815. Reason: This candidate is a reservation duplicate of CVE-2004-0815. Notes: All CVE users should reference CVE-2004-0815 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2003-0577 | 1 Mpg123 | 1 Mpg123 | 2023-12-10 | 7.5 HIGH | N/A |
mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. | |||||
CVE-2001-0973 | 1 Fraunhofer Fit | 1 Bscw | 2023-12-10 | 6.4 MEDIUM | N/A |
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. | |||||
CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2023-12-10 | 7.5 HIGH | N/A |
EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
CVE-2001-0100 | 1 Brian Stanback | 1 Bslist.cgi | 2023-12-10 | 10.0 HIGH | N/A |
bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. | |||||
CVE-1999-1178 | 1 Sambar | 1 Sambar Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. | |||||
CVE-2003-0525 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method. | |||||
CVE-2004-2247 | 1 Goosequill | 1 Audienceconnect | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact and attack vectors. | |||||
CVE-2000-0779 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 7.5 HIGH | N/A |
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests. | |||||
CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-2003-0294 | 1 Php-proxima | 1 Php-proxima | 2023-12-10 | 5.0 MEDIUM | N/A |
autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. | |||||
CVE-2000-0555 | 1 Lilikoi | 1 Ceilidh | 2023-12-10 | 5.0 MEDIUM | N/A |
Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests. | |||||
CVE-2004-0851 | 1 Ulrich Callmeier | 1 Net-acct | 2023-12-10 | 2.1 LOW | N/A |
The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2004-0710 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2023-12-10 | 7.5 HIGH | N/A |
Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
CVE-2002-0238 | 1 Netgear | 1 Rt314 | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script. | |||||
CVE-2002-1892 | 1 Netgear | 1 Fvs318 | 2023-12-10 | 2.1 LOW | N/A |
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | |||||
CVE-2000-0762 | 2 Broadcom, Ca | 2 Etrust Access Control, Etrust Access Control | 2023-12-10 | 10.0 HIGH | N/A |
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges. | |||||
CVE-2004-1381 | 1 Mozilla | 2 Firefox, Mozilla | 2023-12-10 | 5.0 MEDIUM | N/A |
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks. |