Total
28647 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0193 | 1 Catdoc | 1 Catdoc | 2023-12-10 | 2.1 LOW | N/A |
msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html"). | |||||
CVE-2004-2070 | 1 Altiris | 1 Client Service | 2023-12-10 | 7.2 HIGH | N/A |
The Altiris Client Service for Windows 5.6 SP1 Hotfix E (5.6.181) allows local users to execute arbitrary commands by opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2005-1590. | |||||
CVE-2001-0090 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.1 MEDIUM | N/A |
The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability. | |||||
CVE-2001-0127 | 1 Oliver Debon | 1 Flash | 2023-12-10 | 7.6 HIGH | N/A |
Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. | |||||
CVE-2000-0060 | 1 Avirt | 1 Rover | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name. | |||||
CVE-2002-0924 | 1 Cgiscript.net | 1 Csnews | 2023-12-10 | 7.5 HIGH | N/A |
CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability. | |||||
CVE-2004-0763 | 1 Mozilla | 1 Firefox | 2023-12-10 | 5.0 MEDIUM | N/A |
Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method. | |||||
CVE-2001-0490 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file. | |||||
CVE-1999-0692 | 2 Cray, Sgi | 2 Unicos, Irix | 2023-12-10 | 10.0 HIGH | N/A |
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges. | |||||
CVE-1999-0221 | 1 Lucent | 1 Ascend Routers | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service of Ascend routers through port 150 (remote administration). | |||||
CVE-2001-1026 | 1 Trend Micro | 1 Interscan Applettrap | 2023-12-10 | 7.5 HIGH | N/A |
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address. | |||||
CVE-2004-0201 | 2 Avaya, Microsoft | 11 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | |||||
CVE-2001-0161 | 1 Cisco | 1 Aironet | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. | |||||
CVE-2002-1495 | 1 Rudi Benkovic | 1 Jawmail | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitrary script or HTML via (1) attached file names in the Read Mail feature, (2) text/html mails that are displayed in a pop-up window, and (3) certain malicious attributes within otherwise safe tags, such as onMouseOver. | |||||
CVE-2002-0601 | 1 Information Security Systems | 1 Realsecure Network Sensor | 2023-12-10 | 5.0 MEDIUM | N/A |
ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer. | |||||
CVE-2004-0049 | 1 Realnetworks | 2 Helix Universal Mobile Server, Helix Universal Server | 2023-12-10 | 6.8 MEDIUM | N/A |
Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | |||||
CVE-2003-1235 | 1 Brs | 1 Webweaver | 2023-12-10 | 5.0 MEDIUM | N/A |
BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory. | |||||
CVE-2000-0990 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2023-12-10 | 7.5 HIGH | N/A |
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username. | |||||
CVE-2001-0632 | 1 Sun | 1 Chilisoft | 2023-12-10 | 7.5 HIGH | N/A |
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. | |||||
CVE-2002-1340 | 1 Microsoft | 1 Office Web Components | 2023-12-10 | 5.0 MEDIUM | N/A |
The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception. |