Total
250330 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2180 | 1 Wowbb | 1 Wowbb Web Forum | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php. | |||||
| CVE-2003-1197 | 1 Ledscripts.com | 1 Ledforums | 2023-12-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread. | |||||
| CVE-2004-0453 | 1 Vice | 1 Vice | 2023-12-10 | 7.2 HIGH | N/A |
| Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format string specifiers in an output string. | |||||
| CVE-2000-0743 | 1 University Of Minnesota | 1 Gopherd | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value. | |||||
| CVE-2004-1373 | 1 Nullsoft | 1 Shoutcast Server | 2023-12-10 | 7.5 HIGH | N/A |
| Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file. | |||||
| CVE-2000-0960 | 1 Netscape | 1 Messaging Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse. | |||||
| CVE-2004-0296 | 1 Transsoft | 1 Broker Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an exception by opening and immediately closing a connection. | |||||
| CVE-2002-2162 | 1 Cerulean Studios | 1 Trillian | 2023-12-10 | 4.6 MEDIUM | N/A |
| Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts. | |||||
| CVE-2001-0056 | 1 Cisco | 1 Broadband Operating System | 2023-12-10 | 7.5 HIGH | N/A |
| The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | |||||
| CVE-2004-1764 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. | |||||
| CVE-2003-0096 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2023-12-10 | 9.0 HIGH | N/A |
| Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function. | |||||
| CVE-2002-2226 | 1 Tftpd32 | 1 Tftpd32 | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument. | |||||
| CVE-1999-1148 | 1 Microsoft | 1 Internet Information Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | |||||
| CVE-2003-1306 | 1 Microsoft | 1 Urlscan | 2023-12-10 | 2.6 LOW | N/A |
| Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. | |||||
| CVE-2001-1081 | 2 Lucent, Simon Horms | 2 Radius, Radius | 2023-12-10 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. | |||||
| CVE-1999-1573 | 1 Hp | 1 Hp-ux | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files. | |||||
| CVE-2001-0980 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2023-12-10 | 7.5 HIGH | N/A |
| docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page. | |||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | |||||
| CVE-1999-0091 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. | |||||
| CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. | |||||