Total
254538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0348 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2024-02-04 | 7.5 HIGH | N/A |
| service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. | |||||
| CVE-2004-1481 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
| Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS, allows remote attackers to execute arbitrary code via a SMIL file and a .rm movie file with a large length field for the data chunk, which leads to a heap-based buffer overflow. | |||||
| CVE-2002-1422 | 1 Ilia Alshanetsky | 1 Fudforum | 2024-02-04 | 5.0 MEDIUM | N/A |
| admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters. | |||||
| CVE-2001-0913 | 1 Network Solutions | 1 Rwhoisd | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers. | |||||
| CVE-2004-1543 | 1 Korweblog | 1 Korweblog | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter. | |||||
| CVE-1999-0185 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. | |||||
| CVE-2001-1516 | 1 Hans Wolters | 1 Phpreview | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews. | |||||
| CVE-2002-1714 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | |||||
| CVE-2000-0529 | 1 Network Associates | 1 Net Tools Pki Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request. | |||||
| CVE-1999-1151 | 1 Compaq Microcom | 1 Microcom 6000 Access Integrator | 2024-02-04 | 5.0 MEDIUM | N/A |
| Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password. | |||||
| CVE-2002-0066 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2024-02-04 | 7.5 HIGH | N/A |
| Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. | |||||
| CVE-2004-1307 | 10 Apple, Avaya, Conectiva and 7 more | 19 Mac Os X, Mac Os X Server, Call Management System Server and 16 more | 2024-02-04 | 7.5 HIGH | N/A |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | |||||
| CVE-2004-1382 | 1 Gnu | 1 Glibc | 2024-02-04 | 2.1 LOW | N/A |
| The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. | |||||
| CVE-2004-2182 | 1 Macromedia | 1 Jrun | 2024-02-04 | 7.5 HIGH | N/A |
| Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. | |||||
| CVE-2001-0741 | 1 Cisco | 1 Hsrp | 2024-02-04 | 2.1 LOW | N/A |
| Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets. | |||||
| CVE-2000-0400 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. | |||||
| CVE-2001-1222 | 1 Plesk | 1 Plesk Server Administrator | 2024-02-04 | 5.0 MEDIUM | N/A |
| Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain. | |||||
| CVE-2001-0137 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 5.1 MEDIUM | N/A |
| Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability. | |||||
| CVE-1999-0030 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. | |||||
| CVE-2002-1904 | 1 Gaztek | 1 Ghttpd | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||