Total
250167 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0246 | 1 Laurent Adda | 1 Les Commentaires | 2023-12-10 | 10.0 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | |||||
CVE-2004-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | |||||
CVE-2002-1559 | 1 Research Systems Inc. | 1 Ion Script | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter. | |||||
CVE-1999-1118 | 1 Sun | 1 Solaris | 2023-12-10 | 2.1 LOW | N/A |
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. | |||||
CVE-2003-1079 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. | |||||
CVE-2001-0414 | 1 Dave Mills | 2 Ntpd, Xntp3 | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument. | |||||
CVE-2002-0594 | 3 Galeon, Mozilla, Netscape | 3 Galeon Browser, Mozilla, Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | |||||
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
CVE-1999-0938 | 1 University College London | 1 Sdr | 2023-12-10 | 7.5 HIGH | N/A |
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. | |||||
CVE-2001-0417 | 1 Mit | 2 Kerberos, Kerberos 5 | 2023-12-10 | 2.1 LOW | N/A |
Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. | |||||
CVE-2001-0204 | 1 Watchguard | 1 Firebox Ii | 2023-12-10 | 5.0 MEDIUM | N/A |
Watchguard Firebox II allows remote attackers to cause a denial of service by establishing multiple connections and sending malformed PPTP packets. | |||||
CVE-2003-0553 | 1 Netscape | 1 Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. | |||||
CVE-2004-1532 | 1 Appserv Open Project | 1 Appserv | 2023-12-10 | 7.5 HIGH | N/A |
AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access. | |||||
CVE-2003-0147 | 3 Openpkg, Openssl, Stunnel | 3 Openpkg, Openssl, Stunnel | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal). | |||||
CVE-2003-0960 | 1 Openca | 1 Openca | 2023-12-10 | 7.5 HIGH | N/A |
OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates. | |||||
CVE-2001-1019 | 1 Seaglass Technologies Inc. | 1 Sglmerchant | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTML_FILE parameter. | |||||
CVE-2002-2412 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 2.1 LOW | N/A |
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts. | |||||
CVE-2002-0557 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 7.5 HIGH | N/A |
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). | |||||
CVE-2004-2195 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2023-12-10 | 5.0 MEDIUM | N/A |
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | |||||
CVE-2000-0834 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. |