Total
249088 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0696 | 1 4d | 1 Webstar | 2023-12-10 | 5.0 MEDIUM | N/A |
| The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. | |||||
| CVE-2001-0184 | 1 Eeye Digital Security | 1 Iris | 2023-12-10 | 2.6 LOW | N/A |
| eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. | |||||
| CVE-1999-0805 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2023-12-10 | 7.5 HIGH | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | |||||
| CVE-2001-0290 | 1 Gnu | 1 Mailman | 2023-12-10 | 4.6 MEDIUM | N/A |
| Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-2002-0304 | 1 Summit Computer Networks | 1 Lil Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request. | |||||
| CVE-2004-0410 | 2023-12-10 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | |||||
| CVE-1999-0759 | 1 Fuseware | 1 Fusemail | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in FuseMAIL POP service via long USER and PASS commands. | |||||
| CVE-2004-0591 | 1 Inter7 | 1 Sqwebmail | 2023-12-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type. | |||||
| CVE-2000-0211 | 1 Microsoft | 1 Windows Media Services | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability. | |||||
| CVE-2003-0043 | 1 Apache | 1 Tomcat | 2023-12-10 | 5.0 MEDIUM | N/A |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. | |||||
| CVE-2001-0834 | 4 Conectiva, Debian, Htdig and 1 more | 4 Linux, Debian Linux, Htdig and 1 more | 2023-12-10 | 6.4 MEDIUM | N/A |
| htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | |||||
| CVE-2002-0585 | 1 Hp | 1 Hp-ux | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service. | |||||
| CVE-2003-1346 | 1 D-link | 1 Dwl-900ap\+ | 2023-12-10 | 10.0 HIGH | N/A |
| D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. | |||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2023-12-10 | 7.5 HIGH | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | |||||
| CVE-2003-0618 | 2 Debian, Perl | 2 Debian Linux, Suidperl | 2023-12-10 | 2.1 LOW | N/A |
| Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. | |||||
| CVE-2003-0095 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. | |||||
| CVE-2004-1362 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
| The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters. | |||||
| CVE-2000-0313 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 4.6 MEDIUM | N/A |
| Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations. | |||||