Total
248617 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0142 | 1 Pi3 | 1 Pi3web | 2023-12-10 | 7.5 HIGH | N/A |
| CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters. | |||||
| CVE-2004-2209 | 1 Ideal Science | 1 Idealbb | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2023-12-10 | 5.0 MEDIUM | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | |||||
| CVE-2002-1685 | 1 Working Resources Inc. | 1 Badblue | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI. | |||||
| CVE-1999-0276 | 1 Hughes | 1 Msql | 2023-12-10 | 7.5 HIGH | N/A |
| mSQL v2.0.1 and below allows remote execution through a buffer overflow. | |||||
| CVE-2001-0423 | 1 Sun | 1 Solaris | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. | |||||
| CVE-2002-1595 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2023-12-10 | 5.0 MEDIUM | N/A |
| Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization. | |||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | |||||
| CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
| The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | |||||
| CVE-2001-0115 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. | |||||
| CVE-2001-0895 | 1 Cisco | 11 Catalyst 2900xl, Catalyst 2948g-l3, Catalyst 2950 and 8 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table. | |||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2023-12-10 | 5.0 MEDIUM | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | |||||
| CVE-1999-1422 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
| The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. | |||||
| CVE-2000-0769 | 1 Oreilly | 1 Website Pro | 2023-12-10 | 7.5 HIGH | N/A |
| O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe. | |||||
| CVE-2000-0282 | 1 Talentsoft | 1 Web\+ | 2023-12-10 | 5.0 MEDIUM | N/A |
| TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. | |||||
| CVE-2002-1546 | 1 Brs | 1 Webweaver | 2023-12-10 | 7.5 HIGH | N/A |
| BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | |||||
| CVE-2004-2183 | 1 Wehelpbus | 1 Wehelpbus | 2023-12-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | |||||
| CVE-2003-0531 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. | |||||
| CVE-2003-0839 | 1 Microsoft | 1 Windows 2003 Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. | |||||
| CVE-2000-0770 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 6.4 MEDIUM | N/A |
| IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. | |||||