Total
254106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0351 | 1 Matt Blaze | 1 Cfs | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2004-1857 | 1 Hp | 1 Web Jetadmin | 2024-02-04 | 2.1 LOW | N/A |
| Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter. | |||||
| CVE-2004-0096 | 1 Apache | 1 Mod Python | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. | |||||
| CVE-2001-0133 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-04 | 10.0 HIGH | N/A |
| The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords. | |||||
| CVE-2001-0136 | 4 Conectiva, Debian, Mandrakesoft and 1 more | 4 Linux, Debian Linux, Mandrake Linux and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed. | |||||
| CVE-2004-1746 | 1 Php Code Snippet Library | 1 Php Code Snippet Library | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters. | |||||
| CVE-2002-1667 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
| The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags. | |||||
| CVE-2002-1131 | 1 Squirrelmail | 1 Squirrelmail | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. | |||||
| CVE-2004-0475 | 1 Microsoft | 1 Ie | 2024-02-04 | 5.1 MEDIUM | N/A |
| The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041. | |||||
| CVE-2001-0575 | 1 Sco | 1 Openserver | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut. | |||||
| CVE-2002-1109 | 1 Amavis | 1 Virus Scanner | 2024-02-04 | 2.1 LOW | N/A |
| securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter. | |||||
| CVE-2004-1331 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. | |||||
| CVE-2003-0719 | 1 Microsoft | 7 Netmeeting, Windows 2000, Windows 2003 Server and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. | |||||
| CVE-2000-1140 | 1 Recourse Technologies | 1 Mantrap | 2024-02-04 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem. | |||||
| CVE-2003-0036 | 1 Rildo Pragana | 1 Ml85p | 2024-02-04 | 6.2 MEDIUM | N/A |
| ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d". | |||||
| CVE-2002-1255 | 1 Microsoft | 1 Outlook | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail." | |||||
| CVE-2001-1351 | 1 Namazu | 1 Namazu | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers. | |||||
| CVE-2003-1358 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | |||||
| CVE-1999-1033 | 1 Microsoft | 1 Outlook Express | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang. | |||||
| CVE-2004-1753 | 2 Mozilla, Netscape | 3 Firefox, Mozilla, Navigator | 2024-02-04 | 2.6 LOW | N/A |
| The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | |||||