Vulnerabilities (CVE)

Total 240292 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0624 2023-12-10 N/A N/A
The rstat/rstatd service is running.
CVE-2004-0413 2 Openpkg, Subversion 2 Openpkg, Subversion 2023-12-10 10.0 HIGH N/A
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
CVE-1999-0835 3 Ibm, Sco, Sun 4 Aix, Openserver, Unixware and 1 more 2023-12-10 10.0 HIGH N/A
Denial of service in BIND named via malformed SIG records.
CVE-2002-1671 1 Microsoft 1 Internet Explorer 2023-12-10 5.0 MEDIUM N/A
Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object.
CVE-2002-2176 1 Phpbb Group 1 Phpbb 2023-12-10 10.0 HIGH N/A
SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.
CVE-1999-0485 1 Openbsd 1 Openbsd 2023-12-10 2.6 LOW N/A
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD.
CVE-2002-2165 1 Imho 1 Imho Webmail 2023-12-10 2.1 LOW N/A
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
CVE-2002-1250 1 Abuse 1 Abuse 2023-12-10 7.2 HIGH N/A
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument.
CVE-2004-0115 1 Microsoft 1 Virtual Pc 2023-12-10 4.6 MEDIUM N/A
VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file.
CVE-2002-1334 1 Bizdesign 1 Imagefolio 2023-12-10 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.
CVE-1999-0491 1 Gnu 1 Bash 2023-12-10 4.6 MEDIUM N/A
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
CVE-2000-0807 1 Checkpoint 1 Firewall-1 2023-12-10 7.5 HIGH N/A
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
CVE-1999-1333 1 Redhat 1 Linux 2023-12-10 7.5 HIGH N/A
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
CVE-2002-1040 1 Ibm 1 Aix 2023-12-10 5.0 MEDIUM N/A
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVE-2002-1707 1 Phpbb Group 1 Phpbb 2023-12-10 5.0 MEDIUM N/A
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code.
CVE-2001-0452 1 Brs 1 Webweaver 2023-12-10 5.0 MEDIUM N/A
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
CVE-2000-1006 1 Microsoft 1 Exchange Server 2023-12-10 5.0 MEDIUM N/A
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.
CVE-2003-0742 1 Sco 1 Openserver 2023-12-10 7.2 HIGH N/A
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
CVE-2004-2059 1 Xlinesoft 1 Asprunner 2023-12-10 5.0 MEDIUM N/A
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp.
CVE-2002-0738 1 Mhonarc 1 Mhonarc 2023-12-10 7.5 HIGH N/A
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax.