Total
90286 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1654 | 1 Phpwebsite | 1 Phpwebsite | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template. | |||||
CVE-2002-0954 | 1 Cisco | 1 Pix Firewall | 2023-12-10 | 7.5 HIGH | N/A |
The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | |||||
CVE-2002-2018 | 1 Sas | 2 Base, Integration Technologies | 2023-12-10 | 7.2 HIGH | N/A |
sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | |||||
CVE-2003-0737 | 1 Phpwebsite | 1 Phpwebsite | 2023-12-10 | 5.0 MEDIUM | N/A |
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library. | |||||
CVE-1999-0312 | 1 Hp | 1 Hp-ux | 2023-12-10 | 5.0 MEDIUM | N/A |
HP ypbind allows attackers with root privileges to modify NIS data. | |||||
CVE-2002-0784 | 1 Lysias | 1 Lidik Webserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot). | |||||
CVE-2003-0639 | 1 Novell | 1 Ichain | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication. | |||||
CVE-2004-2025 | 1 Zen Cart | 1 Zen Cart | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. | |||||
CVE-2002-2195 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. | |||||
CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2023-12-10 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
CVE-2002-2410 | 1 Open Webmail | 1 Open Webmail | 2023-12-10 | 5.0 MEDIUM | N/A |
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | |||||
CVE-2003-0475 | 1 Ashley Brown | 1 Iweb Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than CVE-2003-0474. | |||||
CVE-1999-0830 | 1 Sco | 1 Unixware | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in SCO UnixWare Xsco command via a long argument. | |||||
CVE-2004-1562 | 1 W-agora | 1 W-agora | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands via the key parameter. | |||||
CVE-2002-0912 | 1 Debian | 1 Debian Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. | |||||
CVE-2004-1944 | 1 Qualcomm | 1 Eudora | 2023-12-10 | 5.0 MEDIUM | N/A |
Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message. | |||||
CVE-1999-1472 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | |||||
CVE-2004-0752 | 1 Openoffice | 1 Openoffice | 2023-12-10 | 2.1 LOW | N/A |
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | |||||
CVE-2002-0578 | 1 Aci | 1 4d Webserver | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password. | |||||
CVE-1999-1263 | 1 Metamail Corporation | 1 Metamail | 2023-12-10 | 2.6 LOW | N/A |
Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file. |