Total
239849 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0576 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619. | |||||
CVE-2002-2146 | 1 Savant | 1 Savant Webserver | 2024-02-04 | 7.5 HIGH | N/A |
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request. | |||||
CVE-2000-0251 | 1 Hp | 2 Hp-ux, Vvos | 2024-02-04 | 5.0 MEDIUM | N/A |
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | |||||
CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | |||||
CVE-2002-0807 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi. | |||||
CVE-1999-0176 | 1 Webgais Development Team | 1 Webgais | 2024-02-04 | 7.5 HIGH | N/A |
The Webgais program allows a remote user to execute arbitrary commands. | |||||
CVE-2004-1809 | 1 Phpbb Group | 1 Phpbb | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php. | |||||
CVE-2002-1351 | 1 Melange | 1 Melange Chat System | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (chat server crash) and possibly execute arbitrary code via the msgText buffer in the chat_InterpretData function, as demonstrated via a long Nick (nickname) request. | |||||
CVE-2004-1935 | 1 Sct Corporation | 1 Campus Pipeline | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via onload, onmouseover, and other Javascript events in an e-mail attachment. | |||||
CVE-2003-0687 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority (CNA) because it was internally assigned to a problem that was not reachable (the affected routine was not used by the software). Notes: none. | |||||
CVE-2000-1041 | 1 Swen Thuemmler | 1 Ypbind | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges. | |||||
CVE-2004-2140 | 1 Yabb | 1 Yabb | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. | |||||
CVE-2003-0125 | 1 Multitech | 1 Routefinder 550 Vpn | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value. | |||||
CVE-2003-0974 | 1 Applied Watch Technologies | 1 Applied Watch Command Center | 2024-02-04 | 7.5 HIGH | N/A |
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c. | |||||
CVE-2004-1587 | 1 Monolith Productions | 4 Alien Versus Predator, Blood, No One Lives Forever and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query. | |||||
CVE-2000-1086 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 4.6 MEDIUM | N/A |
The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
CVE-2001-0972 | 1 Surf-net | 1 Asp Forum | 2024-02-04 | 10.0 HIGH | N/A |
Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888." | |||||
CVE-2002-1708 | 1 Basilix | 1 Basilix Webmail | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields. | |||||
CVE-1999-1140 | 1 Alec Muffet | 1 Cracklib | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field. | |||||
CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2024-02-04 | 5.0 MEDIUM | N/A |
Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. |