Total
237494 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1456 | 1 Cvstrac | 1 Cvstrac | 2024-02-04 | 7.5 HIGH | N/A |
filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo. | |||||
CVE-2002-1642 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.2 HIGH | N/A |
PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command. | |||||
CVE-2003-1256 | 1 E-theni | 1 E-theni | 2024-02-04 | 6.8 MEDIUM | N/A |
aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | |||||
CVE-2004-0788 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2024-02-04 | 5.0 MEDIUM | N/A |
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file. | |||||
CVE-2003-1411 | 1 Isoca | 1 Cedric Email Reader | 2024-02-04 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter. | |||||
CVE-2002-0368 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources." | |||||
CVE-2003-1062 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory. | |||||
CVE-2002-2409 | 1 Qnx | 2 Neutrino Rtos, Photon Microgui | 2024-02-04 | 3.5 LOW | N/A |
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID. | |||||
CVE-2001-0729 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. | |||||
CVE-2002-1805 | 1 Dacode | 1 Dacode | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-1999-1564 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. | |||||
CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2024-02-04 | 2.1 LOW | N/A |
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | |||||
CVE-2004-0457 | 1 Oracle | 1 Mysql | 2024-02-04 | 4.6 MEDIUM | N/A |
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2002-1049 | 1 Hylafax | 1 Hylafax | 2024-02-04 | 5.0 MEDIUM | N/A |
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element. | |||||
CVE-2002-0122 | 1 Siemens | 1 3568i Wap | 2024-02-04 | 5.0 MEDIUM | N/A |
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters. | |||||
CVE-2002-0800 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 5.0 MEDIUM | N/A |
BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. | |||||
CVE-2001-0384 | 1 Siemens | 1 Reliant Unix | 2024-02-04 | 2.1 LOW | N/A |
ppd in Reliant Sinix allows local users to corrupt arbitrary files via a symlink attack in the /tmp/ppd.trace file. | |||||
CVE-2004-1583 | 1 Tridcomm | 1 Tridcomm | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the FTP server in TriDComm 1.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in FTP commands such as (1) DIR, (2) GET, or (3) PUT. | |||||
CVE-1999-0360 | 1 Microsoft | 1 Site Server | 2024-02-04 | 7.2 HIGH | N/A |
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely. | |||||
CVE-2002-1428 | 1 Dotproject | 1 Dotproject | 2024-02-04 | 10.0 HIGH | N/A |
index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1. |