Total
250172 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1019 | 1 Seaglass Technologies Inc. | 1 Sglmerchant | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTML_FILE parameter. | |||||
CVE-2002-2412 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 2.1 LOW | N/A |
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts. | |||||
CVE-2002-0557 | 1 Openbsd | 1 Openbsd | 2023-12-10 | 7.5 HIGH | N/A |
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). | |||||
CVE-2004-2195 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2023-12-10 | 5.0 MEDIUM | N/A |
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | |||||
CVE-2000-0834 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 7.5 HIGH | N/A |
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. | |||||
CVE-2001-0152 | 1 Microsoft | 1 Plus | 2023-12-10 | 2.1 LOW | N/A |
The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders. | |||||
CVE-2003-0440 | 2 Debian, Semi | 2 Debian Linux, Semi | 2023-12-10 | 4.6 MEDIUM | N/A |
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | |||||
CVE-2004-2226 | 1 Mozilla | 1 Thunderbird | 2023-12-10 | 5.0 MEDIUM | N/A |
Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server. | |||||
CVE-2000-0246 | 1 Microsoft | 6 Commercial Internet System, Internet Information Server, Internet Information Services and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. | |||||
CVE-2001-0020 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2023-12-10 | 2.1 LOW | N/A |
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2003-0344 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | |||||
CVE-2003-0880 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences. | |||||
CVE-2000-0749 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system. | |||||
CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco Cache Engine allows an attacker to replace content in the cache. | |||||
CVE-2003-1337 | 1 Aprelium Technologies | 1 Abyss Web Server | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2023-12-10 | 7.2 HIGH | N/A |
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
CVE-2002-0434 | 1 Marcus S. Xenakis | 1 Directory.php | 2023-12-10 | 10.0 HIGH | N/A |
Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. | |||||
CVE-2001-0241 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | |||||
CVE-2000-0619 | 1 Toplayer | 1 Appswitch | 2023-12-10 | 5.0 MEDIUM | N/A |
Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets. |