Total
254282 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1134 | 1 Sun | 1 Java | 2024-02-04 | 2.1 LOW | N/A |
Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | |||||
CVE-2002-0530 | 1 Novell | 1 Web Search | 2024-02-04 | 5.1 MEDIUM | N/A |
Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter. | |||||
CVE-2002-1521 | 1 Mdg Computer Services | 1 Web Server 4d | 2024-02-04 | 2.1 LOW | N/A |
Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges. | |||||
CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2024-02-04 | 7.8 HIGH | N/A |
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | |||||
CVE-2002-0020 | 1 Microsoft | 2 Interix, Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options. | |||||
CVE-2003-0680 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions. | |||||
CVE-2002-0577 | 1 Hp | 1 Hp-ux | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |||||
CVE-2004-2209 | 1 Ideal Science | 1 Idealbb | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
CVE-2003-0739 | 1 Vmware | 1 Workstation | 2024-02-04 | 4.6 MEDIUM | N/A |
VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. | |||||
CVE-2002-1704 | 1 Zeroboard | 1 Zeroboard | 2024-02-04 | 5.0 MEDIUM | N/A |
Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-02-04 | 10.0 HIGH | N/A |
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | |||||
CVE-2002-0462 | 1 Big Sam | 1 Big Sam | 2024-02-04 | 6.4 MEDIUM | N/A |
bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone Module) 1.1.08 and earlier allows remote attackers to cause a denial of service (CPU consumption) or obtain the absolute path of the web server via a displayBegin parameter with a very large number, which leaks the web path in an error message when PHP safe_mode is enabled, or consumes resources when safe_mode is not enabled. | |||||
CVE-1999-0931 | 1 Mediahouse Software | 1 Statistics Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands. | |||||
CVE-2001-1163 | 1 Munica | 1 Netsql | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500. | |||||
CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2024-02-04 | 7.5 HIGH | N/A |
secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | |||||
CVE-2002-2250 | 1 Sybase | 1 Adaptive Server | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function. | |||||
CVE-2004-1392 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | |||||
CVE-2002-1532 | 1 Surfcontrol | 1 Superscout Email Filter | 2024-02-04 | 5.0 MEDIUM | N/A |
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequence and blocks other users from accessing it. | |||||
CVE-2004-1423 | 1 Php-calendar | 1 Php-calendar | 2024-02-04 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpc_root_path parameter to (1) includes/calendar.php or (2) includes/setup.php. | |||||
CVE-1999-1331 | 1 Redhat | 1 Linux | 2024-02-04 | 2.1 LOW | N/A |
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface. |