Total
247519 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1368 | 1 Broadcom | 1 Inoculateit | 2023-12-10 | 7.5 HIGH | N/A |
| AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox. | |||||
| CVE-2000-1112 | 1 Microsoft | 1 Windows Media Player | 2023-12-10 | 4.6 MEDIUM | N/A |
| Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability. | |||||
| CVE-2002-1714 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | |||||
| CVE-2003-0484 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. | |||||
| CVE-2004-1827 | 2 Simple Machines, Yabb | 2 Simple Machines Smf, Yabb | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags. | |||||
| CVE-2002-0104 | 1 Aftpd | 1 Aftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
| AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump. | |||||
| CVE-2004-0059 | 1 Lionmax Software | 1 Www File Share Pro | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header. | |||||
| CVE-2001-0729 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. | |||||
| CVE-2002-0720 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2023-12-10 | 7.2 HIGH | N/A |
| A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | |||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2023-12-10 | 4.3 MEDIUM | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | |||||
| CVE-2001-0022 | 1 Leif M. Wright | 1 Simplestguest.cgi | 2023-12-10 | 10.0 HIGH | N/A |
| simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter. | |||||
| CVE-2002-1528 | 1 Mondosoft | 1 Mondosearch | 2023-12-10 | 5.0 MEDIUM | N/A |
| MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter. | |||||
| CVE-1999-0791 | 1 Hybrid Network | 2 Cable Modem, Hsmp | 2023-12-10 | 10.0 HIGH | N/A |
| Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol. | |||||
| CVE-2002-1941 | 1 Radiobird Software | 1 Web Server 4 Everyone | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set. | |||||
| CVE-2001-0038 | 1 Metaproducts | 1 Offline Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
| Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter (e.g. C:) in the requested URL. | |||||
| CVE-2002-1341 | 1 Squirrelmail | 1 Squirrelmail | 2023-12-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters. | |||||
| CVE-2002-1261 | 2023-12-10 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1292. Reason: This candidate is a reservation duplicate of CVE-2002-1292. Notes: All CVE users should reference CVE-2002-1292 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
| CVE-1999-0566 | 1 Ibm | 1 Aix | 2023-12-10 | 5.0 MEDIUM | N/A |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||||
| CVE-2004-0728 | 1 Microsoft | 1 Systems Management Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address. | |||||
| CVE-1999-0062 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | |||||