Vulnerabilities (CVE)

Total 89193 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0756 1 Virtualcart 1 Virtualcatalog 2023-12-10 7.5 HIGH N/A
CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter.
CVE-2002-0500 1 Microsoft 1 Internet Explorer 2023-12-10 5.0 MEDIUM N/A
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.
CVE-1999-0628 4 Freebsd, Ibm, Linux and 1 more 4 Freebsd, Aix, Linux Kernel and 1 more 2023-12-10 5.0 MEDIUM N/A
The rwho/rwhod service is running, which exposes machine status and user information.
CVE-2003-0255 1 Gnu 1 Privacy Guard 2023-12-10 10.0 HIGH N/A
The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
CVE-2004-0431 1 Apple 1 Quicktime 2023-12-10 5.1 MEDIUM N/A
Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.
CVE-2002-1564 1 Microsoft 1 Internet Explorer 2023-12-10 5.0 MEDIUM N/A
Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability.
CVE-2001-0190 1 Sun 2 Solaris, Sunos 2023-12-10 7.2 HIGH N/A
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
CVE-2003-1186 1 Telcondex 1 Simplewebserver 2023-12-10 7.5 HIGH N/A
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header.
CVE-2001-0339 1 Microsoft 1 Internet Explorer 2023-12-10 7.5 HIGH N/A
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability."
CVE-2000-0604 1 Redhat 1 Linux 2023-12-10 4.6 MEDIUM N/A
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
CVE-2001-0782 1 Kde 1 Ktv 2023-12-10 7.2 HIGH N/A
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
CVE-1999-1241 1 Microsoft 1 Internet Explorer 2023-12-10 10.0 HIGH N/A
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
CVE-2004-2069 1 Openbsd 1 Openssh 2023-12-10 5.0 MEDIUM N/A
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).
CVE-2002-1181 1 Microsoft 2 Internet Information Server, Internet Information Services 2023-12-10 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.
CVE-2003-0863 1 Php 1 Php 2023-12-10 7.5 HIGH N/A
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.
CVE-2000-1187 1 Netscape 2 Communicator, Navigator 2023-12-10 7.5 HIGH N/A
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVE-2004-0072 1 Accipiter 1 Accipiter Direct Server 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request.
CVE-2001-0412 1 Cisco 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 2023-12-10 7.2 HIGH N/A
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
CVE-2000-0405 1 Atstake 1 Antisniff 2023-12-10 10.0 HIGH N/A
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
CVE-2004-1327 1 Crystal Art Software 1 Crystal Ftp 2023-12-10 7.5 HIGH N/A
Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension.