Total
254106 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0733 | 1 Ralf S. Engelschall | 1 Eperl | 2024-02-04 | 7.5 HIGH | N/A |
The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code. | |||||
CVE-2004-1813 | 1 Vocaltec | 1 Vgw4 8 Telephony Gateway | 2024-02-04 | 7.5 HIGH | N/A |
VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/). | |||||
CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | |||||
CVE-2003-0253 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. | |||||
CVE-2001-0689 | 1 Trend Micro | 1 Virus Control System | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program. | |||||
CVE-2001-1331 | 2 Debian, Progeny | 2 Debian Linux, Debian | 2024-02-04 | 1.2 LOW | N/A |
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks. | |||||
CVE-2003-1008 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. | |||||
CVE-1999-0348 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. | |||||
CVE-1999-0796 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.5 HIGH | N/A |
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. | |||||
CVE-2003-1211 | 1 Maxwebportal | 1 Maxwebportal | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter. | |||||
CVE-2003-1033 | 1 Sap | 1 Sap Db | 2024-02-04 | 7.2 HIGH | N/A |
The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program. | |||||
CVE-2002-1013 | 1 Inktomi | 3 Media-ixt, Traffic Edge, Traffic Server | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argument. | |||||
CVE-2001-1297 | 1 Actionpoll | 1 Actionpoll | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter. | |||||
CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2004-0164 | 1 Kame | 1 Racoon | 2024-02-04 | 5.0 MEDIUM | N/A |
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c. | |||||
CVE-1999-0810 | 1 Samba | 1 Samba | 2024-02-04 | 10.0 HIGH | N/A |
Denial of service in Samba NETBIOS name service daemon (nmbd). | |||||
CVE-2003-0979 | 1 Freescripts | 1 Visitorbook | 2024-02-04 | 5.0 MEDIUM | N/A |
FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable. | |||||
CVE-2003-1185 | 1 Thwboard | 1 Thwboard | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php. | |||||
CVE-2004-2170 | 1 Niti Telecom | 1 Caravan Business Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | |||||
CVE-2004-0839 | 3 Avaya, Microsoft, Nortel | 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". |