Total
28647 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1065 | 1 T. Hauck | 1 Jana Web Server | 2023-12-10 | 7.5 HIGH | N/A |
| Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing. | |||||
| CVE-2002-0298 | 1 Nombas | 1 Scriptease Webserver | 2023-12-10 | 5.0 MEDIUM | N/A |
| ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character. | |||||
| CVE-2003-0086 | 1 Samba | 1 Samba | 2023-12-10 | 1.2 LOW | N/A |
| The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | |||||
| CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2023-12-10 | 2.6 LOW | N/A |
| The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. | |||||
| CVE-2000-1077 | 1 Iplanet | 1 Iplanet Web Server | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. | |||||
| CVE-2003-0649 | 1 Xpcd | 1 Xpcd | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-2004-1878 | 1 Linbit Technologies | 1 Linbox Officeserver | 2023-12-10 | 5.0 MEDIUM | N/A |
| LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash). | |||||
| CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2023-12-10 | 2.6 LOW | N/A |
| Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. | |||||
| CVE-2000-0932 | 1 Clearswift | 1 Mailsweeper For Smtp | 2023-12-10 | 5.0 MEDIUM | N/A |
| MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service. | |||||
| CVE-2001-1021 | 1 Progress | 1 Ws Ftp Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD. | |||||
| CVE-2002-1210 | 1 Qualcomm | 1 Eudora | 2023-12-10 | 5.0 MEDIUM | N/A |
| Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context. | |||||
| CVE-2001-1054 | 1 Phpadsnew | 1 Phpadsnew | 2023-12-10 | 7.5 HIGH | N/A |
| PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2003-0130 | 1 Ximian | 1 Evolution | 2023-12-10 | 5.0 MEDIUM | N/A |
| The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image. | |||||
| CVE-2002-2071 | 1 Compaq | 1 Tru64 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap. | |||||
| CVE-2002-0330 | 1 Openbb | 1 Openbb | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag. | |||||
| CVE-2003-0883 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.6 MEDIUM | N/A |
| The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system. | |||||
| CVE-1999-1006 | 1 Novell | 1 Groupwise | 2023-12-10 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. | |||||
| CVE-2004-2008 | 1 Adam Webb | 1 Nukejokes | 2023-12-10 | 4.6 MEDIUM | N/A |
| SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter. | |||||
| CVE-2002-2266 | 1 Netscreen | 1 Screenos | 2023-12-10 | 5.0 MEDIUM | N/A |
| NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours. | |||||
| CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | |||||