Total
28643 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
CVE-2004-1651 | 1 Brickhost | 1 Phpscheduleit | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the Schedule Name field. | |||||
CVE-2003-0979 | 1 Freescripts | 1 Visitorbook | 2023-12-10 | 5.0 MEDIUM | N/A |
FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable. | |||||
CVE-2004-2190 | 1 Unzoo | 1 Unzoo | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | |||||
CVE-1999-1521 | 1 Computalynx | 1 Cmail | 2023-12-10 | 10.0 HIGH | N/A |
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server. | |||||
CVE-2000-0659 | 1 Analogx | 1 Proxy | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. | |||||
CVE-2000-0346 | 1 Apple | 1 Appleshare | 2023-12-10 | 5.0 MEDIUM | N/A |
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | |||||
CVE-1999-0788 | 1 Knox Software | 1 Arkeia | 2023-12-10 | 5.0 MEDIUM | N/A |
Arkiea nlservd allows remote attackers to conduct a denial of service. | |||||
CVE-2002-0508 | 1 Wwwisis | 1 Wwwisis | 2023-12-10 | 10.0 HIGH | N/A |
wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog. | |||||
CVE-2001-0420 | 1 Way To The Web | 1 Talkback | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter. | |||||
CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | |||||
CVE-2001-1523 | 1 Dmozgateway | 1 Dmozgateway | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the topic parameter. | |||||
CVE-1999-0516 | 2023-12-10 | 7.5 HIGH | N/A | ||
An SNMP community name is guessable. | |||||
CVE-2000-0307 | 1 Sco | 3 Open Desktop, Openserver, Unixware | 2023-12-10 | 5.0 MEDIUM | N/A |
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||||
CVE-2002-0562 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa. | |||||
CVE-2003-1232 | 1 Gnu | 1 Emacs | 2023-12-10 | 5.1 MEDIUM | N/A |
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | |||||
CVE-2002-0398 | 1 Red-m | 1 1050ap Lan Acess Point | 2023-12-10 | 10.0 HIGH | N/A |
Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name. | |||||
CVE-2003-0102 | 2 File, Netbsd | 2 File, Netbsd | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | |||||
CVE-2001-0711 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | |||||
CVE-2003-0010 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. |