Total
254104 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1998 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message. | |||||
CVE-1999-1063 | 1 Cdomain | 1 Cdomainfree | 2024-02-04 | 10.0 HIGH | N/A |
CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter. | |||||
CVE-1999-0183 | 2 Linux, Tftp | 2 Linux Kernel, Tftp | 2024-02-04 | 6.4 MEDIUM | N/A |
Linux implementations of TFTP would allow access to files outside the restricted directory. | |||||
CVE-2004-0468 | 1 Juniper | 1 Junos | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets. | |||||
CVE-1999-1215 | 1 Novell | 1 Netware | 2024-02-04 | 4.6 MEDIUM | N/A |
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | |||||
CVE-2003-0980 | 1 Freescripts | 1 Visitorbook | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, (3) via quote marks or ampersands in other parameters. | |||||
CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | |||||
CVE-2000-0897 | 1 Max Feoktistov | 1 Small Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed. | |||||
CVE-2002-2079 | 2 Mosix Project, Openmosix Project | 2 Mosix, Openmosix | 2024-02-04 | 5.0 MEDIUM | N/A |
mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets. | |||||
CVE-2004-2185 | 1 Mediawiki | 1 Mediawiki | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | |||||
CVE-2004-0869 | 1 Microsoft | 1 Ie | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||
CVE-2002-0714 | 1 Squid | 1 Squid | 2024-02-04 | 7.5 HIGH | N/A |
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. | |||||
CVE-2003-1296 | 1 Efs Software | 1 Efs Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. | |||||
CVE-2004-1823 | 1 Jelsoft | 1 Vbulletin | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php. | |||||
CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | |||||
CVE-2001-0166 | 1 Macromedia | 1 Shockwave Flash Plugin | 2024-02-04 | 7.6 HIGH | N/A |
Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | |||||
CVE-2002-0318 | 1 Freeradius | 1 Freeradius | 2024-02-04 | 5.0 MEDIUM | N/A |
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | |||||
CVE-2002-1215 | 1 Linux-ha | 1 Heartbeat | 2024-02-04 | 10.0 HIGH | N/A |
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources). | |||||
CVE-2001-1368 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data. | |||||
CVE-2003-1407 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. |