Total
8242 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4006 | 1 Bomberclone | 1 Bomberclone | 2024-02-04 | 5.0 MEDIUM | N/A |
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory. | |||||
CVE-2002-1717 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. | |||||
CVE-2003-1398 | 1 Cisco | 1 Ios | 2024-02-04 | 9.3 HIGH | N/A |
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | |||||
CVE-1999-0236 | 2 Apache, Illinois | 2 Http Server, Ncsa Httpd | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | |||||
CVE-1999-0605 | 1 Austin Contract Computing | 1 Merchant Order Form | 2024-02-04 | 5.0 MEDIUM | N/A |
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information. | |||||
CVE-2002-2289 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 5.0 MEDIUM | N/A |
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords. | |||||
CVE-2002-0596 | 1 Webtrends | 1 Reporting Center | 2024-02-04 | 5.0 MEDIUM | N/A |
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message. | |||||
CVE-2002-2317 | 1 Symantec | 1 Velociraptor | 2024-02-04 | 7.8 HIGH | N/A |
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | |||||
CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | |||||
CVE-2002-2349 | 1 Phpbb | 1 Phpbbmod | 2024-02-04 | 5.0 MEDIUM | N/A |
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information. | |||||
CVE-2003-1540 | 1 Wfchat | 1 Wfchat | 2024-02-04 | 5.0 MEDIUM | N/A |
WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt. | |||||
CVE-2002-2342 | 1 Joe Depasquale | 1 Bannermatic | 2024-02-04 | 5.0 MEDIUM | N/A |
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files. | |||||
CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | |||||
CVE-2002-2276 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-04 | 5.0 MEDIUM | N/A |
Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message. | |||||
CVE-2003-1366 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 3.3 LOW | N/A |
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. | |||||
CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | |||||
CVE-1999-0348 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. | |||||
CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2024-02-04 | 2.6 LOW | N/A |
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | |||||
CVE-2004-1923 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-02-04 | 5.0 MEDIUM | N/A |
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message. | |||||
CVE-2003-1404 | 1 Dotbr | 1 Botbr | 2024-02-04 | 7.5 HIGH | N/A |
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. |