Total
249088 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0835 | 3 Ibm, Sco, Sun | 4 Aix, Openserver, Unixware and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
Denial of service in BIND named via malformed SIG records. | |||||
CVE-2002-1671 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. | |||||
CVE-2002-2176 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 10.0 HIGH | N/A |
SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page. | |||||
CVE-1999-0485 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 2.6 LOW | N/A |
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. | |||||
CVE-2002-2165 | 1 Imho | 1 Imho Webmail | 2023-12-10 | 2.1 LOW | N/A |
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox. | |||||
CVE-2002-1250 | 1 Abuse | 1 Abuse | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument. | |||||
CVE-2004-0115 | 1 Microsoft | 1 Virtual Pc | 2023-12-10 | 4.6 MEDIUM | N/A |
VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file. | |||||
CVE-2002-1334 | 1 Bizdesign | 1 Imagefolio | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi. | |||||
CVE-1999-0491 | 1 Gnu | 1 Bash | 2023-12-10 | 4.6 MEDIUM | N/A |
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. | |||||
CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 7.5 HIGH | N/A |
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
CVE-1999-1333 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. | |||||
CVE-2002-1040 | 1 Ibm | 1 Aix | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. | |||||
CVE-2002-1707 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 5.0 MEDIUM | N/A |
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2001-0452 | 1 Brs | 1 Webweaver | 2023-12-10 | 5.0 MEDIUM | N/A |
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | |||||
CVE-2000-1006 | 1 Microsoft | 1 Exchange Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability. | |||||
CVE-2003-0742 | 1 Sco | 1 Openserver | 2023-12-10 | 7.2 HIGH | N/A |
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. | |||||
CVE-2004-2059 | 1 Xlinesoft | 1 Asprunner | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp. | |||||
CVE-2002-0738 | 1 Mhonarc | 1 Mhonarc | 2023-12-10 | 7.5 HIGH | N/A |
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax. | |||||
CVE-2004-0038 | 1 Mcafee | 1 Epolicy Orchestrator | 2023-12-10 | 7.5 HIGH | N/A |
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. | |||||
CVE-2002-0918 | 1 Cgiscript.net | 1 Cspassword | 2023-12-10 | 5.0 MEDIUM | N/A |
CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error. |