Total
250711 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0266 | 1 Thunderstone Software | 1 Texis | 2023-12-10 | 5.0 MEDIUM | N/A |
Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname. | |||||
CVE-2002-1365 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | |||||
CVE-2004-0265 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules. | |||||
CVE-2002-1962 | 1 Finjan Software | 1 Surfingate | 2023-12-10 | 7.5 HIGH | N/A |
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. | |||||
CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2023-12-10 | 5.1 MEDIUM | N/A |
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
CVE-2003-1351 | 1 Greg Billock | 1 Edittag | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. | |||||
CVE-2004-1978 | 1 Moodle | 1 Moodle | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. | |||||
CVE-2002-1648 | 1 Squirrelmail | 1 Squirrelmail | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | |||||
CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | |||||
CVE-2004-1961 | 1 Protector System | 1 Protector System | 2023-12-10 | 7.5 HIGH | N/A |
blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters ("%27"). | |||||
CVE-1999-1524 | 1 Flowpoint | 1 Flowpoint Dsl Router | 2023-12-10 | 5.0 MEDIUM | N/A |
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. | |||||
CVE-2002-2374 | 1 Sun | 1 Patchpro | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
CVE-2001-1144 | 1 Mcafee | 1 Asap Virusscan | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||||
CVE-2002-0070 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2023-12-10 | 7.6 HIGH | N/A |
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | |||||
CVE-1999-0134 | 1 Sun | 1 Sunos | 2023-12-10 | 7.2 HIGH | N/A |
vold in Solaris 2.x allows local users to gain root access. | |||||
CVE-2002-1524 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag. | |||||
CVE-2001-0198 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.6 HIGH | N/A |
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
CVE-2001-0718 | 1 Microsoft | 2 Excel, Powerpoint | 2023-12-10 | 7.5 HIGH | N/A |
Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document. | |||||
CVE-1999-0112 | 2 Cde, Ibm | 2 Cde, Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in AIX dtterm program for the CDE. | |||||
CVE-2000-0049 | 1 Nullsoft | 1 Winamp | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. |