Total
90739 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0726 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel. | |||||
CVE-2003-0042 | 1 Apache | 1 Tomcat | 2023-12-10 | 5.0 MEDIUM | N/A |
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. | |||||
CVE-1999-0507 | | | 2023-12-10 | 7.5 HIGH | N/A |
An account on a router, firewall, or other network device has a guessable password. | |||||
CVE-2004-1721 | 1 Merak | 1 Mail Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000. | |||||
CVE-2004-1586 | 1 Jera Technology | 1 Flash Messaging Server | 2023-12-10 | 2.1 LOW | N/A |
Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected. | |||||
CVE-2001-1061 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. | |||||
CVE-1999-0630 | | | 2023-12-10 | 10.0 HIGH | N/A |
The NT Alerter and Messenger services are running. | |||||
CVE-2003-0850 | 2 Dug Song, Rafal Wojtczuk | 2 Dsniff, Libnids | 2023-12-10 | 7.5 HIGH | N/A |
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | |||||
CVE-1999-0632 | | | 2023-12-10 | N/A | N/A |
The RPC portmapper service is running. | |||||
CVE-2004-0013 | 1 Jabber Software Foundation | 1 Jabber Server | 2023-12-10 | 5.0 MEDIUM | N/A |
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash). | |||||
CVE-2001-0034 | 1 Kth | 1 Kth Kerberos | 2023-12-10 | 7.2 HIGH | N/A |
KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges. | |||||
CVE-2000-1243 | 1 Dansie | 1 Shopping Cart | 2023-12-10 | 5.0 MEDIUM | N/A |
Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers. | |||||
CVE-2003-0599 | 1 Phpgroupware | 1 Phpgroupware | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root. | |||||
CVE-2003-0670 | 1 Sustainable Softworks | 2 Ipnetmonitorx, Ipnetsentryx | 2023-12-10 | 2.1 LOW | N/A |
Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow. | |||||
CVE-2004-1353 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges. | |||||
CVE-1999-0148 | 1 Sgi | 1 Irix | 2023-12-10 | 7.5 HIGH | N/A |
The handler CGI program in IRIX allows arbitrary command execution. | |||||
CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
CVE-2001-1442 | 1 Isc | 1 Inn | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument. | |||||
CVE-2003-1325 | 1 Valve Software | 1 Half-life Cstrike Dedicated Server | 2023-12-10 | 5.2 MEDIUM | N/A |
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734. | |||||
CVE-2002-0478 | 1 Foundrynet | 1 Edgeiron | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of Foundry Networks EdgeIron 4802F allows remote attackers to modify sensitive information via arbitrary SNMP community strings. |