Total
91783 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2023-12-10 | 5.0 MEDIUM | N/A |
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
CVE-2002-2183 | 1 Phpshare | 1 Phpshare | 2023-12-10 | 7.5 HIGH | N/A |
phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers. | |||||
CVE-2003-0824 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. | |||||
CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | |||||
CVE-2004-2024 | 1 Zen Cart | 1 Zen Cart | 2023-12-10 | 7.5 HIGH | N/A |
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | |||||
CVE-2003-0851 | 2 Cisco, Openssl | 5 Css11000 Content Services Switch, Ios, Pix Firewall and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | |||||
CVE-1999-0272 | 1 Slmail | 1 Slmail | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in Slmail v2.5 through the POP3 port. | |||||
CVE-1999-0066 | 1 John S. Roberts | 1 Anyform | 2023-12-10 | 7.5 HIGH | N/A |
AnyForm CGI remote execution. | |||||
CVE-2003-1304 | 1 Early Impact | 1 Productcart | 2023-12-10 | 5.0 MEDIUM | N/A |
EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. | |||||
CVE-2003-0588 | 1 Digi-fx | 1 Digi-news | 2023-12-10 | 10.0 HIGH | N/A |
admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | |||||
CVE-2004-2009 | 1 Adam Webb | 1 Nukejokes | 2023-12-10 | 5.0 MEDIUM | N/A |
NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an invalid cat parameter in a CatView function, which reveals the path in a PHP error message. | |||||
CVE-1999-0155 | 1 Aladdin Enterprises | 1 Ghostscript | 2023-12-10 | 7.5 HIGH | N/A |
The ghostscript command with the -dSAFER option allows remote attackers to execute commands. | |||||
CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | |||||
CVE-2003-1543 | 1 Bajie | 1 Java Http Server | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message. | |||||
CVE-2003-0087 | 1 National Language Support | 1 Libim | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm. | |||||
CVE-2000-1165 | 1 Balabit | 1 Syslog-ng | 2023-12-10 | 5.0 MEDIUM | N/A |
Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier. | |||||
CVE-2004-0274 | 1 Eggheads | 1 Eggdrop Irc Bot | 2023-12-10 | 7.5 HIGH | N/A |
Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED status to a bot that is not a sharebot, which allows remote attackers to use STAT_OFFERED to promote a bot to a sharebot and conduct unauthorized activities. | |||||
CVE-2004-0078 | 1 Mutt | 1 Mutt | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | |||||
CVE-2000-1064 | 1 Hp | 1 Jetdirect | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
CVE-2004-1686 | 1 Microsoft | 1 Ie | 2023-12-10 | 5.0 MEDIUM | N/A |
Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. |