Total
247173 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0047 | 1 Yahoo | 1 Pager | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. | |||||
CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page Cgi | 2023-12-10 | 7.5 HIGH | N/A |
page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. | |||||
CVE-2001-0844 | 1 Seth Leonard | 2 Book Of Guests, Post It | 2023-12-10 | 7.5 HIGH | N/A |
Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter. | |||||
CVE-2001-1032 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 7.5 HIGH | N/A |
admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy. | |||||
CVE-2002-1468 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. | |||||
CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2023-12-10 | 2.1 LOW | N/A |
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | |||||
CVE-2001-1488 | 1 Open Projects Network | 1 Open Projects Network Ircd | 2023-12-10 | 5.0 MEDIUM | N/A |
Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon. | |||||
CVE-2001-0335 | 1 Microsoft | 1 Internet Information Server | 2023-12-10 | 5.0 MEDIUM | N/A |
FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters. | |||||
CVE-2002-1494 | 1 Aestiva | 1 Html Os | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message. | |||||
CVE-1999-0924 | 1 Allaire | 1 Coldfusion Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. | |||||
CVE-2003-1433 | 1 Epic Games | 1 Unreal Engine | 2023-12-10 | 4.3 MEDIUM | N/A |
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times. | |||||
CVE-2003-0019 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. | |||||
CVE-2002-0276 | 1 Ettercap | 1 Ettercap | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets. | |||||
CVE-2002-0984 | 1 Light | 1 Light | 2023-12-10 | 7.5 HIGH | N/A |
The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code. | |||||
CVE-2000-0768 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
CVE-2001-1073 | 1 Webridge | 1 Px Application Suite | 2023-12-10 | 5.0 MEDIUM | N/A |
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (2) PATH_TRANSLATED, and (3) LOCAL_ADDR. | |||||
CVE-2003-0301 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 5.0 MEDIUM | N/A |
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||||
CVE-2004-2231 | 1 Zero G | 1 Installanywhere | 2023-12-10 | 1.2 LOW | N/A |
Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files. | |||||
CVE-2000-0771 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 2.1 LOW | N/A |
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | |||||
CVE-2002-1933 | 1 Microsoft | 1 Windows 2000 Terminal Services | 2023-12-10 | 7.2 HIGH | N/A |
The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window. |