Total
93126 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1454 | 4 Invision Power Services, Linux, Microsoft and 1 more | 4 Invision Board, Linux Kernel, All Windows and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | |||||
CVE-2001-0914 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2024-02-04 | 2.1 LOW | N/A |
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading. | |||||
CVE-2001-1025 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 10.0 HIGH | N/A |
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php. | |||||
CVE-2001-0619 | 1 Lucent | 1 Orinoco | 2024-02-04 | 7.5 HIGH | N/A |
The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear. | |||||
CVE-1999-0993 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 7.5 HIGH | N/A |
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. | |||||
CVE-2001-0383 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication. | |||||
CVE-2002-0659 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. | |||||
CVE-2003-1022 | 1 Debian | 1 Fsp | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | |||||
CVE-2002-0718 | 1 Microsoft | 1 Content Management Server | 2024-02-04 | 7.5 HIGH | N/A |
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function." | |||||
CVE-2002-1664 | 1 Yahoo | 1 Messenger | 2024-02-04 | 6.4 MEDIUM | N/A |
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information. | |||||
CVE-2004-1593 | 1 Sct Corporation | 1 Campus Pipeline | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter. | |||||
CVE-2001-1101 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 6.4 MEDIUM | N/A |
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2002-2337 | 1 Kaspersky Lab | 1 Kaspersky Anti-hacker | 2024-02-04 | 5.0 MEDIUM | N/A |
Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
CVE-2003-1127 | 1 Whale Communications | 1 E-gap | 2024-02-04 | 5.0 MEDIUM | N/A |
Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. | |||||
CVE-2003-1537 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | |||||
CVE-1999-1393 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. | |||||
CVE-2001-0648 | 1 Phprojekt | 1 Phprojekt | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PHProjekt 2.1 and earlier allows a remote attacker to conduct unauthorized activities via a dot dot (..) attack on the file module. | |||||
CVE-2001-0487 | 1 Ibm | 1 Aix Snmp | 2024-02-04 | 5.0 MEDIUM | N/A |
AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. | |||||
CVE-1999-0082 | 2 Ftp, Ftpcd | 2 Ftp, Ftpcd | 2024-02-04 | 10.0 HIGH | N/A |
CWD ~root command in ftpd allows root access. | |||||
CVE-1999-0911 | 1 Proftpd Project | 1 Proftpd | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. |