Total
246971 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1155 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable. | |||||
| CVE-1999-0651 | 2023-12-10 | 7.5 HIGH | N/A | ||
| The rsh/rlogin service is running. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-1999-1335 | 1 Redhat | 1 Linux | 2023-12-10 | 6.4 MEDIUM | N/A |
| snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. | |||||
| CVE-2004-0597 | 2 Greg Roelofs, Microsoft | 6 Libpng, Msn Messenger, Windows 98se and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. | |||||
| CVE-2001-0508 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 5.0 MEDIUM | N/A |
| Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request. | |||||
| CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2023-12-10 | 2.6 LOW | N/A |
| A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | |||||
| CVE-2002-1049 | 1 Hylafax | 1 Hylafax | 2023-12-10 | 5.0 MEDIUM | N/A |
| Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element. | |||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | |||||
| CVE-2003-1129 | 1 Yahoo | 1 Audio Conferencing Activex Control | 2023-12-10 | 2.6 LOW | N/A |
| Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. | |||||
| CVE-1999-0665 | 2023-12-10 | 10.0 HIGH | N/A | ||
| An application-critical Windows NT registry key has an inappropriate value. | |||||
| CVE-2002-1009 | 1 Summit Computer Networks | 1 Lil Http Server | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters. | |||||
| CVE-2004-0234 | 8 Clearswift, F-secure, Rarlab and 5 more | 13 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 10 more | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | |||||
| CVE-2002-0959 | 1 Splatt | 1 Splatt Forum | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script. | |||||
| CVE-2002-1806 | 1 Drupal | 1 Drupal | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2004-1635 | 1 Mozilla | 1 Bugzilla | 2023-12-10 | 5.0 MEDIUM | N/A |
| Bugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the insidergroup feature, does not sufficiently protect private attachments when there are changes to the metadata, such as filename, description, MIME type, or review flags, which allows remote authenticated users to obtain sensitive information when (1) viewing the bug activity log or (2) receiving bug change notification mails. | |||||
| CVE-2003-1102 | 1 Hummingbird | 1 Cyberdocs | 2023-12-10 | 5.0 MEDIUM | N/A |
| Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code. | |||||
| CVE-2001-0876 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | |||||
| CVE-2003-1101 | 1 Hummingbird | 1 Cyberdocs | 2023-12-10 | 5.0 MEDIUM | N/A |
| Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. | |||||
| CVE-2004-0662 | 1 Powerportal | 1 Powerportal | 2023-12-10 | 5.0 MEDIUM | N/A |
| PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message. | |||||