Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0478 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. | |||||
CVE-2002-0650 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop. | |||||
CVE-2002-0764 | 1 Phorum | 1 Phorum | 2024-02-04 | 7.5 HIGH | N/A |
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands. | |||||
CVE-2004-1748 | 1 Sysinternals | 1 Regmon | 2024-02-04 | 2.1 LOW | N/A |
NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue. | |||||
CVE-2001-0824 | 1 Ibm | 1 Websphere Application Server | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. | |||||
CVE-2003-1324 | 1 Elmme-mailer | 1 Elm Me\+ | 2024-02-04 | 4.6 MEDIUM | N/A |
Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group. | |||||
CVE-2002-1813 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 2.6 LOW | N/A |
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. | |||||
CVE-1999-0762 | 1 Netscape | 2 Communicator, Navigator | 2024-02-04 | 2.6 LOW | N/A |
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. | |||||
CVE-2000-0449 | 1 Omnis | 1 Studio | 2024-02-04 | 10.0 HIGH | N/A |
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
CVE-1999-0222 | 1 Cisco | 1 Router | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. | |||||
CVE-2003-1240 | 1 Cutephp | 1 Cutenews | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php. | |||||
CVE-2000-0017 | 1 Redhat | 1 Linux | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | |||||
CVE-2001-0225 | 1 Lenzo | 1 Infobot | 2024-02-04 | 10.0 HIGH | N/A |
fortran math component in Infobot 0.44.5.3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-1999-1333 | 1 Redhat | 1 Linux | 2024-02-04 | 7.5 HIGH | N/A |
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. | |||||
CVE-2002-1806 | 1 Drupal | 1 Drupal | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-2001-0340 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 7.5 HIGH | N/A |
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. | |||||
CVE-2002-1100 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface. | |||||
CVE-2002-2025 | 1 Ibm | 1 Lotus Domino Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. | |||||
CVE-2003-0047 | 1 Van Dyke Technologies | 3 Entunnel, Securecrt, Securefx | 2024-02-04 | 4.6 MEDIUM | N/A |
SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
CVE-2003-1281 | 1 Eekim | 1 Cgihtml | 2024-02-04 | 2.1 LOW | N/A |
cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. |