Total: 240212 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2064 | 1 Verylost | 1 Lostbook | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the (1) Email or (2) Website fields. | |||||
CVE-2001-0834 | 4 Conectiva, Debian, Htdig and 1 more | 4 Linux, Debian Linux, Htdig and 1 more | 2024-02-04 | 6.4 MEDIUM | N/A |
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | |||||
CVE-2001-1350 | 1 Namazu | 1 Namazu | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | |||||
CVE-1999-0067 | 2 Apache, Ncsa | 2 Http Server, Ncsa Httpd | 2024-02-04 | 10.0 HIGH | N/A |
phf CGI program allows remote command execution through shell metacharacters. | |||||
CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | |||||
CVE-2004-0459 | 1 Ieee | 1 802.11 Wireless Protocol | 2024-02-04 | 5.0 MEDIUM | N/A |
The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding, allows remote attackers to cause a denial of service via a certain RF signal that causes a channel to appear busy (aka "jabber"), which prevents devices from transmitting data. | |||||
CVE-1999-0826 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in FreeBSD angband allows local users to gain privileges. | |||||
CVE-1999-0637 | | | 2024-02-04 | N/A | N/A |
The systat service is running. | |||||
CVE-2004-0560 | 1 University Of Minnesota | 1 Gopherd | 2024-02-04 | 7.5 HIGH | N/A |
Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow. | |||||
CVE-2002-0949 | 1 Telindus | 1 Adsl Router | 2024-02-04 | 7.5 HIGH | N/A |
Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext. | |||||
CVE-2001-0243 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 5.0 MEDIUM | N/A |
Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files. | |||||
CVE-2002-0920 | 1 Cgiscript.net | 1 Cspassword | 2024-02-04 | 5.1 MEDIUM | N/A |
CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed. | |||||
CVE-2002-2170 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 7.5 HIGH | N/A |
Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request that accesses the dir.hts page on the localhost and adds an entire hard drive to be shared. | |||||
CVE-2002-1071 | 1 Zyxel | 1 Prestige | 2024-02-04 | 5.0 MEDIUM | N/A |
ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set. | |||||
CVE-2003-1192 | 1 Truenorth Software | 1 Ia Webmail Server | 2024-02-04 | 10.0 HIGH | N/A |
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request. | |||||
CVE-2003-1130 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-1071. Reason: This candidate is a duplicate of CVE-2003-1071. Notes: All CVE users should reference CVE-2003-1071 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2001-0222 | 1 Webmin | 1 Webmin | 2024-02-04 | 1.2 LOW | N/A |
webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | |||||
CVE-2000-0038 | 1 Glftpd | 1 Glftpd | 2024-02-04 | 7.5 HIGH | N/A |
glFtpD includes a default glftpd user account with a default password and a UID of 0. | |||||
CVE-2004-0363 | 1 Symantec | 1 Norton Antispam | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method. | |||||
CVE-2003-0581 | 1 Xfstt | 1 Xfstt | 2024-02-04 | 7.5 HIGH | N/A |
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access. |