Total
249088 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0543 | 1 Oracle | 2 Applications, E-business Suite | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. | |||||
CVE-2002-0342 | 1 Kde | 1 K-mail | 2023-12-10 | 5.0 MEDIUM | N/A |
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long. | |||||
CVE-1999-1330 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. | |||||
CVE-2004-2011 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI. | |||||
CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2023-12-10 | 2.6 LOW | N/A |
Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | |||||
CVE-2003-0760 | 1 Optisoft | 1 Blubster | 2023-12-10 | 5.0 MEDIUM | N/A |
Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections to UDP port 701. | |||||
CVE-2003-1273 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 2.1 LOW | N/A |
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters. | |||||
CVE-2000-0517 | 1 Netscape | 1 Communicator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. | |||||
CVE-1999-0532 | 2023-12-10 | N/A | N/A | ||
A DNS server allows zone transfers. | |||||
CVE-1999-0223 | 1 Sun | 1 Sunos | 2023-12-10 | 2.1 LOW | N/A |
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | |||||
CVE-2004-1719 | 1 Merak | 1 Mail Server | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message. | |||||
CVE-2001-0691 | 1 University Of Washington | 1 Imapd | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations. | |||||
CVE-2000-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 4.6 MEDIUM | N/A |
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | |||||
CVE-2004-1460 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2023-12-10 | 7.5 HIGH | N/A |
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. | |||||
CVE-2003-1400 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter. | |||||
CVE-2001-0214 | 1 Way | 1 Way-board | 2023-12-10 | 5.0 MEDIUM | N/A |
Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte. | |||||
CVE-1999-0111 | 1 Ibm | 1 Aix | 2023-12-10 | 5.0 MEDIUM | N/A |
RIP v1 is susceptible to spoofing. | |||||
CVE-2001-0336 | 1 Microsoft | 1 Internet Information Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. | |||||
CVE-2000-0695 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options. | |||||
CVE-2004-0286 | 1 Robotftp | 1 Robotftp Server | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username. |