Total
254043 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-1196 | 1 Netscape | 1 Publishingxpert | 2024-02-04 | 5.0 MEDIUM | N/A |
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter. | |||||
CVE-2003-0062 | 1 Eset Software | 1 Nod32 Antivirus | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. | |||||
CVE-2001-1332 | 1 Easy Software Products | 1 Cups | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. | |||||
CVE-2002-0864 | 1 Microsoft | 4 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." | |||||
CVE-2004-0216 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 10.0 HIGH | N/A |
Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | |||||
CVE-2002-2001 | 2 Jmcce, Mandrakesoft | 2 Jmcce, Mandrake Linux | 2024-02-04 | 1.2 LOW | N/A |
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0559 | 1 Paul Vixie | 1 Vixie Cron | 2024-02-04 | 7.2 HIGH | N/A |
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. | |||||
CVE-2004-0110 | 2 Sgi, Xmlsoft | 3 Propack, Libxml, Libxml2 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-2001-1086 | 1 Xfree86 Project | 1 X11r6 | 2024-02-04 | 7.5 HIGH | N/A |
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. | |||||
CVE-2004-2156 | 1 Recruitment Agency Software | 1 Online Recruitment Agency | 2024-02-04 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors. | |||||
CVE-1999-1233 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 7.5 HIGH | N/A |
IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. | |||||
CVE-2003-0459 | 2 Kde, Redhat | 8 Konqueror, Konqueror Embedded, Analog Real-time Synthesizer and 5 more | 2024-02-04 | 5.0 MEDIUM | N/A |
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | |||||
CVE-1999-0738 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
CVE-2001-0896 | 1 Sco | 1 Openserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. | |||||
CVE-2004-1825 | 1 Mambo | 1 Mambo Open Source | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) return or (2) mos_change_template parameters. | |||||
CVE-2004-1420 | 1 Whm | 1 Autopilot | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) site_title or (2) http_images parameter. | |||||
CVE-2002-1860 | 1 Pramati | 1 Pramati Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
CVE-2003-0314 | 1 Snowblind.net | 1 Snowblind Web Server | 2024-02-04 | 6.4 MEDIUM | N/A |
Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. | |||||
CVE-1999-0202 | 1 University Of Washington | 1 Wu-ftpd | 2024-02-04 | 7.5 HIGH | N/A |
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands. | |||||
CVE-2002-0661 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters. |