Total
91470 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0624 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist. | |||||
| CVE-1999-0207 | 1 Great Circle Associates | 1 Majordomo | 2023-12-10 | 7.5 HIGH | N/A |
| Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command. | |||||
| CVE-2004-1582 | 1 Blackboard Internet Newsboard System | 1 Blackboard Internet Newsboard System | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called "libpach") to reference a URL on a remote web server that contains _more.php, as demonstrated using checkdb.inc.php. | |||||
| CVE-2002-2268 | 1 Netdave | 1 Webster Http Server | 2023-12-10 | 9.4 HIGH | N/A |
| Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2000-0483 | 2 Redhat, Zope | 2 Linux Powertools, Zope | 2023-12-10 | 7.5 HIGH | N/A |
| The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization. | |||||
| CVE-2003-0513 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
| CVE-2002-1813 | 1 Aol | 1 Instant Messenger | 2023-12-10 | 2.6 LOW | N/A |
| Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. | |||||
| CVE-2002-0615 | 1 Microsoft | 2 Excel, Office | 2023-12-10 | 7.5 HIGH | N/A |
| The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation". | |||||
| CVE-2002-0327 | 1 Century Software | 1 Term | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | |||||
| CVE-1999-1170 | 2 Ipswitch, Progress | 2 Imail, Ws Ftp Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. | |||||
| CVE-2002-1445 | 1 W3c | 1 Cern Httpd | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page. | |||||
| CVE-1999-1011 | 1 Microsoft | 4 Data Access Components, Index Server, Internet Information Server and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
| The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2004-1432 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets. | |||||
| CVE-2003-0761 | 1 Digium | 1 Asterisk | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | |||||
| CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2023-12-10 | 5.0 MEDIUM | N/A |
| faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | |||||
| CVE-2002-2416 | 1 Zeroo | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request. | |||||
| CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 2.1 LOW | N/A |
| Solaris ff.core allows local users to modify files. | |||||
| CVE-2000-1211 | 1 Zope | 1 Zope | 2023-12-10 | 7.5 HIGH | N/A |
| Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | |||||
| CVE-2002-1447 | 1 Cisco | 1 Vpn Client | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument. | |||||
| CVE-2002-0343 | 1 Hotline Communications | 1 Hotline Connect | 2023-12-10 | 4.6 MEDIUM | N/A |
| Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords. | |||||