Total
250630 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1828 | 1 Savant | 1 Savant Webserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value. | |||||
CVE-2002-0292 | 1 Open Source Development Network | 1 Slashcode | 2023-12-10 | 2.6 LOW | N/A |
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field. | |||||
CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
CVE-1999-0050 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in HP-UX newgrp program. | |||||
CVE-1999-0458 | 1 L0pht | 1 L0phtcrack | 2023-12-10 | 2.1 LOW | N/A |
L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. | |||||
CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2023-12-10 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | |||||
CVE-2004-1752 | 1 Nakedsoft | 1 Gaucho | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header. | |||||
CVE-2002-1307 | 1 Mhonarc | 1 Mhonarc | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name. | |||||
CVE-2004-1497 | 1 Minihttpserver.net | 1 Web Forums Server | 2023-12-10 | 4.6 MEDIUM | N/A |
Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. | |||||
CVE-2004-1744 | 1 Efs Software | 1 Efs Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests. | |||||
CVE-1999-1476 | 1 Intel | 2 Pentium, Pentuim | 2023-12-10 | 2.1 LOW | N/A |
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem. | |||||
CVE-2003-0771 | 1 Apache Gallery | 1 Apache Gallery | 2023-12-10 | 4.6 MEDIUM | N/A |
Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does. | |||||
CVE-2002-1795 | 1 Microsoft | 1 Tsac Activex Control | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
CVE-2000-1235 | 1 Oracle | 1 Application Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files. | |||||
CVE-2004-2189 | 1 Dmxready | 1 Dmxready Site Chassis Manager | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
CVE-2002-0929 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | |||||
CVE-2001-0774 | 1 Tripwire | 1 Tripwire | 2023-12-10 | 4.6 MEDIUM | N/A |
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files. | |||||
CVE-1999-1473 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | |||||
CVE-2004-1941 | 1 Fastream | 1 Netfile Ftp Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to cause a denial of service via a username that does not exist. | |||||
CVE-2004-1776 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. |