Total
240426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1204 | 1 Total Pc Solutions | 1 Php Rocket Add-in | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-1999-0794 | 1 Microsoft | 2 Excel, Office | 2024-02-04 | 4.6 MEDIUM | N/A |
| Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | |||||
| CVE-2000-0106 | 1 Easycart | 1 Easycart | 2024-02-04 | 7.5 HIGH | N/A |
| The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2002-2291 | 1 Calisto | 1 Calisto Internet Talker | 2024-02-04 | 7.8 HIGH | N/A |
| Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow. | |||||
| CVE-2004-1708 | 1 Shawn Webb | 1 Webbsyte Chat | 2024-02-04 | 5.0 MEDIUM | N/A |
| Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. | |||||
| CVE-2004-1405 | 1 Mediawiki | 1 Mediawiki | 2024-02-04 | 7.5 HIGH | N/A |
| MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | |||||
| CVE-2003-1118 | 1 University Of California | 1 Seti At Home | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string followed by a \n (newline) character. | |||||
| CVE-2000-1016 | 1 Suse | 1 Suse Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | |||||
| CVE-2001-0622 | 1 Cisco | 1 Content Services Switch 11000 | 2024-02-04 | 7.5 HIGH | N/A |
| The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | |||||
| CVE-2000-1170 | 1 Pelesoft | 1 Netsnap | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2003-1339 | 1 Ezmeeting | 1 Ezmeeting | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. | |||||
| CVE-2002-0081 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled. | |||||
| CVE-2002-2190 | 1 Artscore Studios | 1 Cutecast Forum | 2024-02-04 | 7.5 HIGH | N/A |
| ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file. | |||||
| CVE-2003-1330 | 2 Clearswift Limited, Microsoft | 2 Mailsweeper, All Windows | 2024-02-04 | 5.0 MEDIUM | N/A |
| Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. | |||||
| CVE-2000-1202 | 1 Ibm | 1 Http Server Ssl Module Common | 2024-02-04 | 7.2 HIGH | N/A |
| ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class. | |||||
| CVE-2003-1039 | 1 Sap | 1 Mysap Business Suite | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server. | |||||
| CVE-2002-2049 | 1 Dug Song | 3 Dsniff, Fragroute, Fragrouter | 2024-02-04 | 7.5 HIGH | N/A |
| configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system. | |||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | |||||
| CVE-1999-1044 | 1 Digital | 1 Unix | 2024-02-04 | 4.6 MEDIUM | N/A |
| Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges. | |||||
| CVE-2002-2148 | 1 Lucent | 3 Ascend Max Router, Ascend Pipeline Router, Dslterminator | 2024-02-04 | 5.0 MEDIUM | N/A |
| Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response. | |||||