Total
249954 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0925 | 1 Matthew Mondor | 2 Mmftpd, Mmmail | 2023-12-10 | 7.5 HIGH | N/A |
| Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier. | |||||
| CVE-2003-1394 | 1 Coffeecup Software | 1 Coffeecup Password Wizard | 2023-12-10 | 5.0 MEDIUM | N/A |
| CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file. | |||||
| CVE-2004-0825 | 1 Apple | 1 Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | |||||
| CVE-2004-0528 | 1 Netscape | 1 Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
| CVE-2004-1580 | 1 Devellion | 1 Cubecart | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2003-1384 | 1 Py Software | 1 Py-livredor | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields. | |||||
| CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
| CVE-2000-0680 | 1 Cvs | 1 Cvs | 2023-12-10 | 7.2 HIGH | N/A |
| The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action. | |||||
| CVE-1999-1224 | 1 University Of Washington | 1 Imapd | 2023-12-10 | 3.6 LOW | N/A |
| IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information. | |||||
| CVE-2002-0940 | 1 Ncipher | 1 Mscapi Csp | 2023-12-10 | 4.6 MEDIUM | N/A |
| domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | |||||
| CVE-1999-0133 | 1 Adobe | 1 Framemaker | 2023-12-10 | 2.1 LOW | N/A |
| fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. | |||||
| CVE-2004-0374 | 1 Interchange Development Group | 1 Interchange | 2023-12-10 | 6.4 MEDIUM | N/A |
| Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string. | |||||
| CVE-2004-1709 | 1 Datakey | 1 Rainbow Ikey2032 Usb Token | 2023-12-10 | 2.1 LOW | N/A |
| Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users. | |||||
| CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2023-12-10 | 6.2 MEDIUM | N/A |
| Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2004-1387 | 1 Apache | 1 Http Server | 2023-12-10 | 2.1 LOW | N/A |
| The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2001-0918 | 1 Suse | 1 Suse Linux | 2023-12-10 | 5.1 MEDIUM | N/A |
| Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely. | |||||
| CVE-2001-1506 | 1 Hp | 1 Secure Os | 2023-12-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files. | |||||
| CVE-2001-0148 | 1 Microsoft | 1 Windows Media Player | 2023-12-10 | 7.5 HIGH | N/A |
| The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. | |||||
| CVE-2002-2201 | 1 Webmin | 1 Webmin | 2023-12-10 | 10.0 HIGH | N/A |
| The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name. | |||||
| CVE-2001-0756 | 1 Virtualcart | 1 Virtualcatalog | 2023-12-10 | 7.5 HIGH | N/A |
| CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter. | |||||