Total
258077 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0944 | 1 Sap | 1 Sap Db | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI. | |||||
| CVE-2002-0145 | 1 Scott Parish | 1 Chuid | 2023-12-10 | 7.5 HIGH | N/A |
| chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. | |||||
| CVE-2001-0897 | 1 Infopop | 1 Ultimate Bulletin Board | 2023-12-10 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field. | |||||
| CVE-2003-0607 | 1 Stanley T. Shebs | 1 Xconq | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. | |||||
| CVE-2001-0789 | 1 Kaspersky | 1 Kaspersky Anti-virus | 2023-12-10 | 10.0 HIGH | N/A |
| Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message. | |||||
| CVE-2004-0626 | 4 Conectiva, Gentoo, Linux and 1 more | 4 Linux, Linux, Linux Kernel and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. | |||||
| CVE-2004-1628 | 1 Pizzashack | 1 Rssh | 2023-12-10 | 9.0 HIGH | N/A |
| Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code. | |||||
| CVE-2001-0210 | 1 Carey Internet Service | 1 Commerce.cgi | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter. | |||||
| CVE-2001-0275 | 1 Moby | 1 Netsuite Web Server | 2023-12-10 | 2.1 LOW | N/A |
| Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. | |||||
| CVE-2002-0783 | 1 Opera Software | 1 Opera Web Browser | 2023-12-10 | 7.5 HIGH | N/A |
| Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. | |||||
| CVE-2000-0773 | 1 Bajie | 1 Java Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack. | |||||
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2023-12-10 | 2.6 LOW | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | |||||
| CVE-2000-0025 | 1 Microsoft | 3 Internet Information Server, Site Server, Site Server Commerce | 2023-12-10 | 5.0 MEDIUM | N/A |
| IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. | |||||
| CVE-2002-1402 | 1 Postgresql | 1 Postgresql | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-1999-0453 | 1 Cisco | 1 Router | 2023-12-10 | 5.0 MEDIUM | N/A |
| An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). | |||||
| CVE-2003-0557 | 1 Lagarde | 1 Storefront | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. | |||||
| CVE-2002-2093 | 1 Sgi | 1 Irix | 2023-12-10 | 2.1 LOW | N/A |
| The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. | |||||
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
| IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
| CVE-2002-1099 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2023-12-10 | 5.0 MEDIUM | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages. | |||||
| CVE-2001-1433 | 1 Cherokee | 1 Cherokee Httpd | 2023-12-10 | 7.5 HIGH | N/A |
| Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities. | |||||