Total
93126 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0028 | 1 Igor Khasilev | 1 Oops Proxy Server | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters. | |||||
| CVE-2003-1459 | 1 Ttcms | 2 Ttcms, Ttforum | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php. | |||||
| CVE-2003-0235 | 1 Mirabilis | 1 Icq | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. | |||||
| CVE-1999-1387 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. | |||||
| CVE-2004-1528 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php, (2) index.php, or (3) submit.php, which reveal the full path in an error message. | |||||
| CVE-2003-1526 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
| PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | |||||
| CVE-1999-0196 | 1 Webgais Development Team | 1 Webgais | 2024-02-04 | 5.0 MEDIUM | N/A |
| websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable). | |||||
| CVE-2000-1127 | 1 Hp | 1 Hp-ux | 2024-02-04 | 3.6 LOW | N/A |
| registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable. | |||||
| CVE-2002-0801 | 1 Macromedia | 1 Jrun | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | |||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | |||||
| CVE-2002-1198 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
| Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack. | |||||
| CVE-2003-1554 | 1 Scoznet | 1 Scozbook | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables. | |||||
| CVE-2002-0964 | 1 Valve Software | 2 Half-life, Half-life Dedicated Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out. | |||||
| CVE-2004-0127 | 1 Phpgedview | 1 Phpgedview | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter. | |||||
| CVE-1999-1026 | 1 Sun | 1 Solaris | 2024-02-04 | 7.2 HIGH | N/A |
| aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. | |||||
| CVE-1999-0611 | 2024-02-04 | 10.0 HIGH | N/A | ||
| A system-critical Windows NT registry key has an inappropriate value. | |||||
| CVE-2002-1230 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2024-02-04 | 4.6 MEDIUM | N/A |
| NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation." | |||||
| CVE-2004-0413 | 2 Openpkg, Subversion | 2 Openpkg, Subversion | 2024-02-04 | 10.0 HIGH | N/A |
| libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow. | |||||
| CVE-1999-0036 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. | |||||
| CVE-2003-0871 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system." | |||||