Total
246971 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0339 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter. | |||||
CVE-2000-1046 | 1 Lotus | 1 Domino | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
CVE-2001-0612 | 1 Mcafee | 1 Remote Desktop 32 | 2023-12-10 | 5.0 MEDIUM | N/A |
McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | |||||
CVE-2001-0634 | 1 Sun | 1 Chilisoft | 2023-12-10 | 7.2 HIGH | N/A |
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service. | |||||
CVE-2001-1293 | 1 3com | 1 3cr29223 | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. | |||||
CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2023-12-10 | 2.1 LOW | N/A |
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | |||||
CVE-2002-1277 | 1 Windowmaker | 1 Windowmaker | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. | |||||
CVE-2004-1755 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 7.5 HIGH | N/A |
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges. | |||||
CVE-1999-0825 | 1 Sco | 1 Unixware | 2023-12-10 | 3.6 LOW | N/A |
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. | |||||
CVE-2003-1562 | 1 Openbsd | 1 Openssh | 2023-12-10 | 7.6 HIGH | N/A |
sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190. | |||||
CVE-2002-1394 | 1 Apache | 1 Tomcat | 2023-12-10 | 7.5 HIGH | N/A |
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | |||||
CVE-2003-1406 | 1 Adalis Infomatique | 1 D Forum | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. | |||||
CVE-2001-0791 | 1 Trend Micro | 1 Interscan Viruswall | 2023-12-10 | 5.0 MEDIUM | N/A |
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access. | |||||
CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | |||||
CVE-2003-0303 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2023-12-10 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. | |||||
CVE-2002-1814 | 4 Gnome, Mandrakesoft, Redhat and 1 more | 4 Bonobo, Mandrake Linux, Linux and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | |||||
CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
CVE-2004-2038 | 1 Neocrome | 1 Land Down Under | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. | |||||
CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2023-12-10 | 7.8 HIGH | N/A |
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | |||||
CVE-2002-0640 | 1 Openbsd | 1 Openssh | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt). |