Total
250425 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2023-12-10 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | |||||
CVE-2004-1752 | 1 Nakedsoft | 1 Gaucho | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header. | |||||
CVE-2002-1307 | 1 Mhonarc | 1 Mhonarc | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name. | |||||
CVE-2004-1497 | 1 Minihttpserver.net | 1 Web Forums Server | 2023-12-10 | 4.6 MEDIUM | N/A |
Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. | |||||
CVE-2004-1744 | 1 Efs Software | 1 Efs Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests. | |||||
CVE-1999-1476 | 1 Intel | 2 Pentium, Pentuim | 2023-12-10 | 2.1 LOW | N/A |
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem. | |||||
CVE-2003-0771 | 1 Apache Gallery | 1 Apache Gallery | 2023-12-10 | 4.6 MEDIUM | N/A |
Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does. | |||||
CVE-2002-1795 | 1 Microsoft | 1 Tsac Activex Control | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
CVE-2000-1235 | 1 Oracle | 1 Application Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files. | |||||
CVE-2004-2189 | 1 Dmxready | 1 Dmxready Site Chassis Manager | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
CVE-2002-0929 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | |||||
CVE-2001-0774 | 1 Tripwire | 1 Tripwire | 2023-12-10 | 4.6 MEDIUM | N/A |
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files. | |||||
CVE-1999-1473 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | |||||
CVE-2004-1941 | 1 Fastream | 1 Netfile Ftp Web Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to cause a denial of service via a username that does not exist. | |||||
CVE-2004-1776 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | |||||
CVE-2002-2092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 3.7 LOW | N/A |
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | |||||
CVE-2004-2215 | 1 Marc Lehmann | 1 Rxvt-unicode | 2023-12-10 | 4.6 MEDIUM | N/A |
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | |||||
CVE-2001-1325 | 1 Microsoft | 2 Internet Explorer, Outlook Express | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH). | |||||
CVE-2004-1461 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2023-12-10 | 7.5 HIGH | N/A |
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. | |||||
CVE-1999-0308 | 1 Hp | 1 Hp-ux | 2023-12-10 | 4.6 MEDIUM | N/A |
HP-UX gwind program allows users to modify arbitrary files. |