Total
254538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1364 | 1 Ehud Gavron | 1 Tracesroute | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses. | |||||
| CVE-2000-1205 | 1 Apache | 1 Http Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant. | |||||
| CVE-2002-0570 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key. | |||||
| CVE-1999-1119 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
| FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2002-1925 | 1 Tiny Software | 1 Tiny Personal Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
| Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash) by via SYN, UDP, ICMP and TCP portscans when the administrator selects the Log tab of the Personal Firewall Agent module. | |||||
| CVE-1999-0429 | 1 Ibm | 1 Lotus Notes | 2024-02-04 | 7.5 HIGH | N/A |
| The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference. | |||||
| CVE-2004-1544 | 1 Jspwiki | 1 Jspwiki | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. | |||||
| CVE-2004-1062 | 1 Viewcvs | 1 Viewcvs | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages. | |||||
| CVE-2002-0597 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
| LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445. | |||||
| CVE-2002-0943 | 1 Metalinks | 1 Metacart2.sql | 2024-02-04 | 6.4 MEDIUM | N/A |
| MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb. | |||||
| CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2003-1275 | 1 Microsoft | 1 Pocket Ie | 2024-02-04 | 5.0 MEDIUM | N/A |
| Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function. | |||||
| CVE-2004-0760 | 1 Mozilla | 1 Mozilla | 2024-02-04 | 6.4 MEDIUM | N/A |
| Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | |||||
| CVE-2004-0062 | 1 Fishnet | 1 Fishcart | 2024-02-04 | 7.5 HIGH | N/A |
| Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity. | |||||
| CVE-2000-0469 | 1 Selena Sol | 1 Webbanner | 2024-02-04 | 5.1 MEDIUM | N/A |
| Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-0136 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. | |||||
| CVE-2001-0134 | 2 Compaq, Digital | 15 Armada Insight Manager, Enterprise Volume Manager-command Scripter, Foundation Agents and 12 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. | |||||
| CVE-2003-1340 | 1 Phpnuke | 1 Php-nuke | 2024-02-04 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. | |||||
| CVE-1999-1322 | 2 Broadcom, Microsoft | 3 Arcserve Backup, Inoculan, Exchange Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | |||||
| CVE-2001-0431 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-04 | 10.0 HIGH | N/A |
| Vulnerability in iPlanet Web Server Enterprise Edition 4.x. | |||||