Total
254699 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2139 | 1 Yabb | 1 Yabb | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl. | |||||
CVE-2000-0008 | 1 1st Choice Software | 1 Ftppro | 2024-02-04 | 2.1 LOW | N/A |
FTPPro allows local users to read sensitive information, which is stored in plain text. | |||||
CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2024-02-04 | 7.5 HIGH | N/A |
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | |||||
CVE-2000-0436 | 1 Metaproducts | 1 Offline Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack. | |||||
CVE-2002-0827 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824. | |||||
CVE-2002-1817 | 1 Symantec Veritas | 1 Cluster Server | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack vectors. | |||||
CVE-2004-1611 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2024-02-04 | 5.1 MEDIUM | N/A |
SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle (MITM) attack, or (2) obtain the database password via a GetConnection request to TCP port 1707. | |||||
CVE-2001-0578 | 1 Sco | 1 Openserver | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command. | |||||
CVE-2002-1725 | 1 Onlinetools.org | 1 Phpimageview | 2024-02-04 | 5.0 MEDIUM | N/A |
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function. | |||||
CVE-1999-0889 | 1 Cisco | 1 675 Router | 2024-02-04 | 7.5 HIGH | N/A |
Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set. | |||||
CVE-2002-1717 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. | |||||
CVE-2002-0292 | 1 Open Source Development Network | 1 Slashcode | 2024-02-04 | 2.6 LOW | N/A |
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field. | |||||
CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | |||||
CVE-2001-0399 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request. | |||||
CVE-2002-0888 | 1 3com | 1 3cp4144 | 2024-02-04 | 7.5 HIGH | N/A |
3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router. | |||||
CVE-2000-0592 | 1 Sapporoworks | 1 Sapporoworks Winproxy | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands. | |||||
CVE-2001-0853 | 1 Entrust | 1 Getaccess | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat. | |||||
CVE-2004-1688 | 1 Tech-noel | 1 Pigeon Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103. | |||||
CVE-2004-1305 | 2 Microsoft, Nortel | 19 Windows 2000, Windows 2003 Server, Windows 98 and 16 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. | |||||
CVE-1999-1575 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.1 MEDIUM | N/A |
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. |