Total: 238403 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0354 | 1 Redhat | 1 Linux | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. | |||||
CVE-2000-1114 | 1 Unify | 1 Ewave Servletexec | 2024-02-04 | 5.0 MEDIUM | N/A |
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20". | |||||
CVE-2002-1857 | 1 Jo | 1 Jo Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2024-02-04 | 4.6 MEDIUM | N/A |
Logitech iTouch keyboards allow attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | |||||
CVE-2003-0156 | 1 Cross Referencer | 1 Lxr | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter. | |||||
CVE-2001-0694 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command. | |||||
CVE-2002-0843 | 2 Apache, Oracle | 4 Http Server, Application Server, Database Server and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response. | |||||
CVE-2001-0147 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | |||||
CVE-2002-1153 | 1 Ibm | 1 Websphere Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as "Host". | |||||
CVE-2004-0067 | 1 Phpgedview | 1 Phpgedview | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1. | |||||
CVE-2004-0684 | 1 Ibm | 2 Websphere Caching Proxy Server, Websphere Edge Server Caching Proxy | 2024-02-04 | 5.0 MEDIUM | N/A |
WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters. | |||||
CVE-2001-0322 | 1 Microsoft | 3 Internet Explorer, Outlook, Outlook Express | 2024-02-04 | 5.0 MEDIUM | N/A |
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. | |||||
CVE-2001-1453 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. | |||||
CVE-2004-2201 | 1 Duware | 1 Duforum | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the (1) FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form. | |||||
CVE-1999-1154 | 1 Lakeweb | 1 Filemail Cgi Script | 2024-02-04 | 7.5 HIGH | N/A |
LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
CVE-1999-1341 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||||
CVE-1999-1559 | 1 Alcatel | 1 Omniswitch | 2024-02-04 | 5.0 MEDIUM | N/A |
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. | |||||
CVE-2004-1508 | 1 Webcalendar | 1 Webcalendar | 2024-02-04 | 7.5 HIGH | N/A |
init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter. | |||||
CVE-2004-0677 | 1 Fastream | 1 Netfile Ftp Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive ("A"). | |||||
CVE-2002-1731 | 1 Ibm | 1 Os 400 | 2024-02-04 | 2.1 LOW | N/A |
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. |