Total
90284 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1882 | 1 Oracle | 1 E-business Suite | 2023-12-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. | |||||
| CVE-2002-1803 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.2 HIGH | N/A |
| Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | |||||
| CVE-2001-1477 | 1 Bea | 1 Tuxedo | 2023-12-10 | 4.6 MEDIUM | N/A |
| The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain. | |||||
| CVE-2003-1395 | 1 Kazaa | 1 Kazaa Media Desktop | 2023-12-10 | 9.0 HIGH | N/A |
| Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. | |||||
| CVE-2001-1444 | 1 Kth | 1 Kth Kerberos | 2023-12-10 | 7.5 HIGH | N/A |
| The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack. | |||||
| CVE-2003-0676 | 1 Sun | 2 Iplanet Directory Server, One Directory Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | |||||
| CVE-2003-1415 | 1 Visual Mining | 1 Netcharts Xbrl Server | 2023-12-10 | 6.8 MEDIUM | N/A |
| NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification. | |||||
| CVE-2002-1433 | 1 Kerio | 1 Kerio Mailserver | 2023-12-10 | 5.0 MEDIUM | N/A |
| Kerio MailServer 5.0 allows remote attackers to cause a denial of service (hang) via SYN packets to the supported network services. | |||||
| CVE-2000-0165 | 1 Etl | 1 Delegate | 2023-12-10 | 7.5 HIGH | N/A |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | |||||
| CVE-1999-1520 | 1 Microsoft | 1 Site Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. | |||||
| CVE-2004-0755 | 1 Yukihiro Matsumoto | 1 Ruby | 2023-12-10 | 2.1 LOW | N/A |
| The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions. | |||||
| CVE-2001-1407 | 1 Mozilla | 1 Bugzilla | 2023-12-10 | 7.5 HIGH | N/A |
| Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug. | |||||
| CVE-1999-1023 | 1 Sun | 1 Sunos | 2023-12-10 | 4.6 MEDIUM | N/A |
| useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. | |||||
| CVE-2002-0119 | 1 Alcatel | 1 Speed Touch Home | 2023-12-10 | 5.0 MEDIUM | N/A |
| Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection. | |||||
| CVE-2002-2186 | 1 Macromedia | 1 Jrun | 2023-12-10 | 5.0 MEDIUM | N/A |
| Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL. | |||||
| CVE-2003-0728 | 1 Horde | 1 Horde | 2023-12-10 | 6.4 MEDIUM | N/A |
| Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL. | |||||
| CVE-2004-0206 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
| Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. | |||||
| CVE-1999-0609 | 1 Mercantec | 1 Softcart | 2023-12-10 | 5.0 MEDIUM | N/A |
| An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information. | |||||
| CVE-2002-2369 | 1 Perception | 1 Liteserve | 2023-12-10 | 5.0 MEDIUM | N/A |
| Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL. | |||||