Total
91438 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1407 | 1 Singapore | 1 Image Gallery Web Application | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php. | |||||
CVE-2001-1464 | 1 Businessobjects | 1 Crystal Reports | 2023-12-10 | 7.5 HIGH | N/A |
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords. | |||||
CVE-2001-0107 | 1 Symantec Veritas | 1 Backup | 2023-12-10 | 5.0 MEDIUM | N/A |
Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang. | |||||
CVE-2004-1350 | 1 Sun | 1 Java System Web Proxy Server | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests. | |||||
CVE-2001-0428 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. | |||||
CVE-2001-0623 | 1 Sendfile | 1 Sendfile | 2023-12-10 | 4.6 MEDIUM | N/A |
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. | |||||
CVE-2003-0172 | 1 Php | 1 Php | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. | |||||
CVE-2004-0638 | 1 Oracle | 2 Oracle8i, Oracle9i | 2023-12-10 | 8.5 HIGH | N/A |
Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument. | |||||
CVE-1999-0447 | 1 Hp | 1 Mpe Ix | 2023-12-10 | 4.6 MEDIUM | N/A |
Local users can gain privileges using the debug utility in the MPE/iX operating system. | |||||
CVE-1999-0912 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 2.1 LOW | N/A |
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files. | |||||
CVE-2002-0392 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2023-12-10 | 7.5 HIGH | N/A |
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | |||||
CVE-2000-0173 | 1 Sco | 1 Unixware | 2023-12-10 | 5.0 MEDIUM | N/A |
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. | |||||
CVE-1999-0306 | 1 Hp | 1 Vvos | 2023-12-10 | 7.2 HIGH | N/A |
buffer overflow in HP xlock program. | |||||
CVE-2003-0056 | 1 Slocate | 1 Slocate | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument. | |||||
CVE-2002-1882 | 1 Oracle | 1 E-business Suite | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. | |||||
CVE-2002-1803 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.2 HIGH | N/A |
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | |||||
CVE-2001-1477 | 1 Bea | 1 Tuxedo | 2023-12-10 | 4.6 MEDIUM | N/A |
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain. | |||||
CVE-2003-1395 | 1 Kazaa | 1 Kazaa Media Desktop | 2023-12-10 | 9.0 HIGH | N/A |
Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. | |||||
CVE-2001-1444 | 1 Kth | 1 Kth Kerberos | 2023-12-10 | 7.5 HIGH | N/A |
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack. |