Total
247013 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1101 | 1 Hummingbird | 1 Cyberdocs | 2023-12-10 | 5.0 MEDIUM | N/A |
Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. | |||||
CVE-2004-0662 | 1 Powerportal | 1 Powerportal | 2023-12-10 | 5.0 MEDIUM | N/A |
PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message. | |||||
CVE-2002-1920 | 1 Datawizard | 1 Ftpxq | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name. | |||||
CVE-2001-0535 | 1 Macromedia | 1 Coldfusion Server | 2023-12-10 | 7.5 HIGH | N/A |
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script. | |||||
CVE-2004-0375 | 1 Symantec | 4 Client Firewall, Client Security, Norton Internet Security and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero. | |||||
CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2023-12-10 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
CVE-2004-1548 | 1 Onnuri Infotek | 1 Activepost Standard | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename. | |||||
CVE-1999-1329 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. | |||||
CVE-2003-0825 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2023-12-10 | 9.3 HIGH | N/A |
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-1999-0517 | 2 Hp, Sun | 2 Hp-ux, Sunos | 2023-12-10 | 7.5 HIGH | N/A |
An SNMP community name is the default (e.g. public), null, or missing. | |||||
CVE-2002-1180 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 7.5 HIGH | N/A |
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." | |||||
CVE-1999-0419 | 2023-12-10 | 5.0 MEDIUM | N/A | ||
When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service. | |||||
CVE-2004-1734 | 1 Mantis | 1 Mantis | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code. | |||||
CVE-2003-0828 | 1 Gus And Psilord | 1 Freesweep | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables. | |||||
CVE-2002-0647 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer Overrun in Legacy Text Formatting ActiveX Control". | |||||
CVE-2002-0554 | 1 Ibm | 1 Informix Web Datablade | 2023-12-10 | 7.5 HIGH | N/A |
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request. | |||||
CVE-2000-0331 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. | |||||
CVE-1999-1103 | 1 Digital | 1 Osf 1 | 2023-12-10 | 4.6 MEDIUM | N/A |
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | |||||
CVE-2002-0138 | 1 Andreas Mueller | 1 Cdrdao | 2023-12-10 | 2.1 LOW | N/A |
CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. | |||||
CVE-2002-2024 | 1 Horde | 1 Imp | 2023-12-10 | 5.0 MEDIUM | N/A |
Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages. |