Total
254666 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0818 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. | |||||
CVE-2000-0497 | 1 Ibm | 1 Websphere Application Server | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
CVE-2003-0481 | 1 Gero Kohnert | 1 Tutos | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to file_select.php. | |||||
CVE-2001-0457 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). | |||||
CVE-2002-1783 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions. | |||||
CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | |||||
CVE-2003-1319 | 1 Smartftp | 1 Smartftp | 2024-02-04 | 7.6 HIGH | N/A |
Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow. | |||||
CVE-2004-0646 | 1 Macromedia | 2 Coldfusion, Jrun | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields. | |||||
CVE-1999-1398 | 1 Sgi | 1 Irix | 2024-02-04 | 6.2 MEDIUM | N/A |
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||||
CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 7.5 HIGH | N/A |
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | |||||
CVE-1999-0432 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
ftp on HP-UX 11.00 allows local users to gain privileges. | |||||
CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | |||||
CVE-1999-0898 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. | |||||
CVE-2003-0528 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. | |||||
CVE-2000-0912 | 1 Jcs Web Works | 1 Multihtml | 2024-02-04 | 5.0 MEDIUM | N/A |
MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter. | |||||
CVE-2003-0448 | 1 Aboleo.net | 1 Portmon | 2024-02-04 | 3.6 LOW | N/A |
Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options. | |||||
CVE-2003-1080 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 1.2 LOW | N/A |
Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. | |||||
CVE-2004-1980 | 1 Props | 1 Props | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allows remote attackers to view arbitrary files via a .. (dot dot) in (1) module or (2) format variables. | |||||
CVE-1999-0421 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password. |