Total: 254713 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-4739 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 6.8 MEDIUM | N/A |
IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. | |||||
CVE-2005-2681 | 1 Cisco | 1 Ips Sensor Software | 2024-02-04 | 7.2 HIGH | N/A |
Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. | |||||
CVE-2005-0502 | 1 Xinkaa Web Station | 1 Xinkaa Web Station | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request. | |||||
CVE-2005-3256 | 1 Enigmail | 1 Enigmail | 2024-02-04 | 5.0 MEDIUM | N/A |
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message. | |||||
CVE-2000-0982 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability. | |||||
CVE-2000-0795 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option. | |||||
CVE-2001-0111 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | |||||
CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2024-02-04 | 7.5 HIGH | N/A |
EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
CVE-2001-1218 | 1 Microsoft | 1 Ie | 2024-02-04 | 2.1 LOW | N/A |
Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | |||||
CVE-2002-2204 | 1 Redhat | 1 Redhat Package Manager | 2024-02-04 | 7.5 HIGH | N/A |
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source. | |||||
CVE-2004-0355 | 1 Invision Power Services | 1 Invision Board | 2024-02-04 | 5.0 MEDIUM | N/A |
Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message. | |||||
CVE-2004-0303 | 1 Fools Workshop | 1 Owls Workshop | 2024-02-04 | 5.0 MEDIUM | N/A |
OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in (1) the file parameter in /glossaries/index.php, (2) the filename parameter in /readings/index.php, or (3) the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd. | |||||
CVE-1999-1313 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands. | |||||
CVE-2003-0014 | 1 Bmv | 1 Bmv | 2024-02-04 | 4.6 MEDIUM | N/A |
gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2003-0052 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2024-02-04 | 5.0 MEDIUM | N/A |
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. | |||||
CVE-2004-0473 | 1 Opera | 1 Opera Browser | 2024-02-04 | 2.6 LOW | N/A |
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-f" option on Windows XP or (2) the "-n" option on Linux. | |||||
CVE-2004-1985 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to inject arbitrary HTML or web script via the CPG_URL parameter. | |||||
CVE-2001-1271 | 1 Rarsoft | 1 Rar | 2024-02-04 | 2.1 LOW | N/A |
Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames. | |||||
CVE-2001-0199 | 1 Guido Frassetto | 1 Sedum | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the HTTP GET request. | |||||
CVE-2004-0162 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2024-02-04 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients. | |||||