Total
250427 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-2003-0294 | 1 Php-proxima | 1 Php-proxima | 2023-12-10 | 5.0 MEDIUM | N/A |
autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. | |||||
CVE-2000-0555 | 1 Lilikoi | 1 Ceilidh | 2023-12-10 | 5.0 MEDIUM | N/A |
Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests. | |||||
CVE-2004-0851 | 1 Ulrich Callmeier | 1 Net-acct | 2023-12-10 | 2.1 LOW | N/A |
The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2004-0710 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2023-12-10 | 7.5 HIGH | N/A |
Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
CVE-2002-0238 | 1 Netgear | 1 Rt314 | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script. | |||||
CVE-2002-1892 | 1 Netgear | 1 Fvs318 | 2023-12-10 | 2.1 LOW | N/A |
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | |||||
CVE-2000-0762 | 2 Broadcom, Ca | 2 Etrust Access Control, Etrust Access Control | 2023-12-10 | 10.0 HIGH | N/A |
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges. | |||||
CVE-2004-1381 | 1 Mozilla | 2 Firefox, Mozilla | 2023-12-10 | 5.0 MEDIUM | N/A |
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks. | |||||
CVE-2004-0284 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. | |||||
CVE-2002-0066 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2023-12-10 | 7.5 HIGH | N/A |
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. | |||||
CVE-2004-1464 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | |||||
CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2023-12-10 | 7.5 HIGH | N/A |
FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | |||||
CVE-2003-0852 | 2 Sylpheed, Sylpheed-claws | 2 Sylpheed, Sylpheed-claws | 2023-12-10 | 5.0 MEDIUM | N/A |
Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. | |||||
CVE-2000-1163 | 1 Aladdin Enterprises | 1 Ghostscript | 2023-12-10 | 4.6 MEDIUM | N/A |
ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript. | |||||
CVE-2002-0003 | 1 Gnu | 1 Groff | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | |||||
CVE-2002-1828 | 1 Savant | 1 Savant Webserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value. | |||||
CVE-2002-0292 | 1 Open Source Development Network | 1 Slashcode | 2023-12-10 | 2.6 LOW | N/A |
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field. | |||||
CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. |