Total
90730 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1530 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. | |||||
| CVE-2002-1036 | 1 Zoltan Milosevic | 1 Fluid Dynamics Search Engine | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters. | |||||
| CVE-2002-2384 | 1 Hotfoon Corporation | 1 Hotfoon | 2023-12-10 | 3.6 LOW | N/A |
| hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. | |||||
| CVE-2003-1521 | 1 Sun | 1 Java Plug-in | 2023-12-10 | 6.4 MEDIUM | N/A |
| Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. | |||||
| CVE-2004-0323 | 1 Xmb Forum | 1 Xmb | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta. | |||||
| CVE-2000-1222 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
| AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. | |||||
| CVE-2004-0371 | 1 Kth | 1 Heimdal | 2023-12-10 | 5.0 MEDIUM | N/A |
| Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path. | |||||
| CVE-2000-0374 | 1 Caldera | 1 Openlinux | 2023-12-10 | 10.0 HIGH | N/A |
| The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions. | |||||
| CVE-2001-0562 | 1 Drummond Miles | 1 A1stats | 2023-12-10 | 7.5 HIGH | N/A |
| a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. | |||||
| CVE-2001-0723 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 6.4 MEDIUM | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript, aka the "Second Cookie Handling Vulnerability." | |||||
| CVE-2001-1076 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable. | |||||
| CVE-2004-1317 | 1 Netcat | 1 Netcat | 2023-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. | |||||
| CVE-2002-1001 | 1 Analogx | 1 Proxy | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname. | |||||
| CVE-2002-0454 | 1 Qualcomm | 1 Qpopper | 2023-12-10 | 5.0 MEDIUM | N/A |
| Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. | |||||
| CVE-2002-1482 | 1 Phpgb | 1 Phpgb | 2023-12-10 | 10.0 HIGH | N/A |
| SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry. | |||||
| CVE-2002-1050 | 1 Hylafax | 1 Hylafax | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data. | |||||
| CVE-2003-0690 | 1 Kde | 1 Kde | 2023-12-10 | 10.0 HIGH | N/A |
| KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | |||||
| CVE-1999-0925 | 1 Messagemedia | 1 Unitymail | 2023-12-10 | 5.0 MEDIUM | N/A |
| UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers. | |||||
| CVE-2002-0040 | 1 Sgi | 1 Irix | 2023-12-10 | 2.1 LOW | N/A |
| Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | |||||
| CVE-2002-1908 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters. | |||||