Total
250652 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2035 | 1 Minishare | 1 Minimal Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | |||||
CVE-2001-0800 | 1 Sgi | 1 Irix | 2023-12-10 | 10.0 HIGH | N/A |
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2000-1200 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | |||||
CVE-2002-0765 | 1 Openbsd | 2 Openbsd, Openssh | 2023-12-10 | 7.5 HIGH | N/A |
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. | |||||
CVE-2002-2138 | 1 Hp | 2 Advanced Server 9000, Hp-ux | 2023-12-10 | 5.0 MEDIUM | N/A |
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. | |||||
CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. | |||||
CVE-2000-0365 | 1 Redhat | 1 Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. | |||||
CVE-2001-1526 | 1 Easyscripts | 1 Easynews | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter. | |||||
CVE-2002-0797 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. | |||||
CVE-2004-1668 | 1 Easyweb | 1 Factory Subjects Module | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters. | |||||
CVE-1999-0653 | 2023-12-10 | 10.0 HIGH | N/A | ||
A component service related to NIS+ is running. | |||||
CVE-2003-0932 | 1 Omega-rpg | 1 Omega-rpg | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable. | |||||
CVE-2004-2056 | 1 Nucleus Group | 1 Nucleus Cms | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter. | |||||
CVE-2004-1241 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2004. Notes: none | |||||
CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
CVE-2004-1651 | 1 Brickhost | 1 Phpscheduleit | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the Schedule Name field. | |||||
CVE-2003-0979 | 1 Freescripts | 1 Visitorbook | 2023-12-10 | 5.0 MEDIUM | N/A |
FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable. | |||||
CVE-2004-2190 | 1 Unzoo | 1 Unzoo | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | |||||
CVE-1999-1521 | 1 Computalynx | 1 Cmail | 2023-12-10 | 10.0 HIGH | N/A |
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server. | |||||
CVE-2000-0659 | 1 Analogx | 1 Proxy | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. |