Total
90720 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1445 | 1 W3c | 1 Cern Httpd | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page. | |||||
CVE-1999-1011 | 1 Microsoft | 4 Data Access Components, Index Server, Internet Information Server and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2004-1432 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets. | |||||
CVE-2003-0761 | 1 Digium | 1 Asterisk | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | |||||
CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2023-12-10 | 5.0 MEDIUM | N/A |
faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | |||||
CVE-2002-2416 | 1 Zeroo | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request. | |||||
CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 2.1 LOW | N/A |
Solaris ff.core allows local users to modify files. | |||||
CVE-2000-1211 | 1 Zope | 1 Zope | 2023-12-10 | 7.5 HIGH | N/A |
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | |||||
CVE-2002-1447 | 1 Cisco | 1 Vpn Client | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument. | |||||
CVE-2002-0343 | 1 Hotline Communications | 1 Hotline Connect | 2023-12-10 | 4.6 MEDIUM | N/A |
Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords. | |||||
CVE-2002-2343 | 1 Nocc | 1 Nocc | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. | |||||
CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2023-12-10 | 7.5 HIGH | N/A |
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | |||||
CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2023-12-10 | 5.0 MEDIUM | N/A |
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | |||||
CVE-2001-0017 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. | |||||
CVE-2000-1150 | 1 Xavier Ducrohet | 1 Felix | 2023-12-10 | 5.0 MEDIUM | N/A |
Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
CVE-2002-0352 | 1 Phorum | 1 Phorum | 2023-12-10 | 5.0 MEDIUM | N/A |
Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication. | |||||
CVE-2000-0213 | 1 Sambar | 1 Sambar Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters. | |||||
CVE-2003-0427 | 1 Miod Vallat | 1 Mikmod | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. | |||||
CVE-2001-0407 | 1 Oracle | 1 Mysql | 2023-12-10 | 4.6 MEDIUM | N/A |
Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). | |||||
CVE-1999-0608 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2023-12-10 | 5.0 MEDIUM | N/A |
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information. |