Total
247131 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2023-12-10 | 7.5 HIGH | N/A |
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | |||||
CVE-2001-0345 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. | |||||
CVE-2000-0059 | 1 Php | 1 Php | 2023-12-10 | 10.0 HIGH | N/A |
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands. | |||||
CVE-2004-1390 | 1 Qnx | 2 Rtos, Rtp | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remote_mac, or (12) local_mac flags. | |||||
CVE-2004-2163 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 7.5 HIGH | N/A |
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. | |||||
CVE-2002-2248 | 1 Netscape | 1 Communicator | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | |||||
CVE-2004-1946 | 1 Cherokee | 1 Cherokee Httpd | 2023-12-10 | 4.6 MEDIUM | N/A |
Format string vulnerability in the PRINT_ERROR function in common.c for Cherokee Web Server 0.4.16 and earlier allows local users to execute arbitrary code via format string specifiers in the -C command line argument. NOTE: it is not clear whether this issue could be exploited remotely, or if Cherokee is running at escalated privileges. Therefore it might not be a vulnerability. | |||||
CVE-2004-0412 | 1 Gnu | 1 Mailman | 2023-12-10 | 5.0 MEDIUM | N/A |
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
CVE-2003-1409 | 1 Ej3 | 1 Topo | 2023-12-10 | 5.0 MEDIUM | N/A |
TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message. | |||||
CVE-2003-0579 | 1 Ibm | 1 U2 Universe | 2023-12-10 | 4.6 MEDIUM | N/A |
uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user. | |||||
CVE-2004-0160 | 1 Synaesthesia | 1 Synaesthesia | 2023-12-10 | 7.2 HIGH | N/A |
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | |||||
CVE-2002-1533 | 1 Jetty | 1 Jetty | 2023-12-10 | 5.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a). | |||||
CVE-1999-1192 | 1 Sun | 1 Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | |||||
CVE-2001-1165 | 1 Intego | 2 Diskguard, Fileguard | 2023-12-10 | 4.6 MEDIUM | N/A |
Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool. | |||||
CVE-2001-0302 | 1 Pi3 | 1 Pi3web | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | |||||
CVE-2001-1140 | 1 Working Resources Inc. | 1 Badblue | 2023-12-10 | 5.0 MEDIUM | N/A |
BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request. | |||||
CVE-2001-0404 | 1 Sun | 1 Javaserver Web Dev Kit | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory. | |||||
CVE-2001-0727 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." | |||||
CVE-2003-1027 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 10.0 HIGH | N/A |
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." | |||||
CVE-2001-1093 | 1 Compaq | 1 Tru64 | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument. |