Total
254379 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1815 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2004-1412 | 1 Kayako | 1 Esupport | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter. | |||||
| CVE-2001-0552 | 2 Hp, Ibm | 2 Openview Network Node Manager, Tivoli Netview | 2024-02-04 | 10.0 HIGH | N/A |
| ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. | |||||
| CVE-2002-0849 | 1 Cisco | 1 Iscsi Driver | 2024-02-04 | 4.6 MEDIUM | N/A |
| Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | |||||
| CVE-1999-1579 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine. | |||||
| CVE-2003-0406 | 1 Palmvnc | 1 Palmvnc | 2024-02-04 | 7.2 HIGH | N/A |
| PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges. | |||||
| CVE-2004-0343 | 1 Yabb | 1 Yabb | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php. | |||||
| CVE-2004-1644 | 1 Jerod Moemeka | 1 Xedus | 2024-02-04 | 5.0 MEDIUM | N/A |
| Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address. | |||||
| CVE-1999-1101 | 1 Kab Software | 1 Lydia | 2024-02-04 | 4.6 MEDIUM | N/A |
| Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges. | |||||
| CVE-2001-0125 | 3 Debian, Exmh, Mandrakesoft | 4 Debian Linux, Exmh, Mandrake Linux and 1 more | 2024-02-04 | 1.2 LOW | N/A |
| exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. | |||||
| CVE-2000-0200 | 1 Microsoft | 3 Clip Art, Greetings, Home Publishing | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability. | |||||
| CVE-2002-1660 | 1 Jelsoft | 1 Vbulletin | 2024-02-04 | 7.5 HIGH | N/A |
| calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the command parameter. | |||||
| CVE-2000-0323 | 1 Microsoft | 1 Jet | 2024-02-04 | 7.6 HIGH | N/A |
| The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability. | |||||
| CVE-2004-0283 | 1 Mailmgr | 1 Mailmgr | 2024-02-04 | 2.1 LOW | N/A |
| Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/mailmgr.unsort, (2) /tmp/mailmgr.tmp, or (3) /tmp/mailmgr.sort. | |||||
| CVE-2000-0613 | 1 Cisco | 1 Pix Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. | |||||
| CVE-2004-0360 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2003-0385 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | |||||
| CVE-2000-0227 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets. | |||||
| CVE-2002-0143 | 2 Enlightenment, Michael Jennings | 2 Imlib, Eterm | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-2003-0228 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. | |||||