Total
238510 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0491 | 1 Alguest | 1 Alguest | 2024-02-04 | 10.0 HIGH | N/A |
| admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value. | |||||
| CVE-2002-1093 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2024-02-04 | 5.0 MEDIUM | N/A |
| HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | |||||
| CVE-2000-0337 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. | |||||
| CVE-2002-1189 | 1 Cisco | 1 Unity Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding. | |||||
| CVE-2002-2292 | 1 Halycon Software | 1 Iasp | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095. | |||||
| CVE-2003-1338 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header. | |||||
| CVE-2000-0862 | 1 Allaire | 1 Spectra | 2024-02-04 | 6.4 MEDIUM | N/A |
| Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information. | |||||
| CVE-1999-1385 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable. | |||||
| CVE-2002-1452 | 1 Mywebserver | 1 Mywebserver | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter. | |||||
| CVE-2004-0599 | 1 Greg Roelofs | 1 Libpng | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image. | |||||
| CVE-2004-2067 | 1 Jaws | 1 Jaws | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters. | |||||
| CVE-2002-1216 | 1 Gnu | 1 Tar | 2024-02-04 | 5.0 MEDIUM | N/A |
| GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check. | |||||
| CVE-2003-0706 | 1 Nicolas Boullis | 1 Mah-jong | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop). | |||||
| CVE-1999-1194 | 1 Digital | 1 Ultrix | 2024-02-04 | 7.2 HIGH | N/A |
| chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges. | |||||
| CVE-2002-2332 | 1 Opera Software | 1 Opera Web Browser | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
| CVE-2003-1222 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service (JMS) provider, echoes the password for the foreign provider to the console and stores it in cleartext in config.xml, which could allow attackers to obtain the password. | |||||
| CVE-2004-0042 | 1 Beasts | 1 Vsftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames. | |||||
| CVE-2000-0377 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability. | |||||
| CVE-1999-0951 | 1 Omnicron | 1 Omnihttpd | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands. | |||||
| CVE-2003-0137 | 1 Nokia | 1 Sgsn Dx200 | 2024-02-04 | 5.0 MEDIUM | N/A |
| SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings. | |||||