Total: 251334 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0973 | 1 Fraunhofer Fit | 1 Bscw | 2023-12-10 | 6.4 MEDIUM | N/A |
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. | |||||
CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2023-12-10 | 7.5 HIGH | N/A |
EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
CVE-2001-0100 | 1 Brian Stanback | 1 Bslist.cgi | 2023-12-10 | 10.0 HIGH | N/A |
bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. | |||||
CVE-1999-1178 | 1 Sambar | 1 Sambar Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. | |||||
CVE-2003-0525 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method. | |||||
CVE-2004-2247 | 1 Goosequill | 1 Audienceconnect | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact and attack vectors. | |||||
CVE-2000-0779 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 7.5 HIGH | N/A |
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to an RSH/REXEC client via malformed connection requests. | |||||
CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-2003-0294 | 1 Php-proxima | 1 Php-proxima | 2023-12-10 | 5.0 MEDIUM | N/A |
autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. | |||||
CVE-2000-0555 | 1 Lilikoi | 1 Ceilidh | 2023-12-10 | 5.0 MEDIUM | N/A |
Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests. | |||||
CVE-2004-0851 | 1 Ulrich Callmeier | 1 Net-acct | 2023-12-10 | 2.1 LOW | N/A |
The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2004-0710 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2023-12-10 | 7.5 HIGH | N/A |
Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
CVE-2002-0238 | 1 Netgear | 1 Rt314 | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script. | |||||
CVE-2002-1892 | 1 Netgear | 1 Fvs318 | 2023-12-10 | 2.1 LOW | N/A |
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | |||||
CVE-2000-0762 | 2 Broadcom, Ca | 2 Etrust Access Control, Etrust Access Control | 2023-12-10 | 10.0 HIGH | N/A |
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges. | |||||
CVE-2004-1381 | 1 Mozilla | 2 Firefox, Mozilla | 2023-12-10 | 5.0 MEDIUM | N/A |
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks. | |||||
CVE-2004-0284 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. | |||||
CVE-2002-0066 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2023-12-10 | 7.5 HIGH | N/A |
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. | |||||
CVE-2004-1464 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | |||||