Total
254034 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0721 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 10.0 HIGH | N/A |
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt. | |||||
CVE-2001-1573 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter. | |||||
CVE-2003-1227 | 1 Gallery Project | 1 Gallery | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue might be exploitable only during installation, or if the administrator has not run a security script after installation. | |||||
CVE-2002-1075 | 1 David Harris | 1 Pegasus Mail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers. | |||||
CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2024-02-04 | 7.5 HIGH | N/A |
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | |||||
CVE-2002-2222 | 2 Freebsd, Openbsd | 2 Ports Collection, Openbsd | 2024-02-04 | 5.1 MEDIUM | N/A |
isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence. | |||||
CVE-2004-0625 | 1 Websoft | 1 Infinity Web | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page. | |||||
CVE-2004-1638 | 1 Tabs Laboratories | 1 Mailcarrier | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command. | |||||
CVE-2004-1944 | 1 Qualcomm | 1 Eudora | 2024-02-04 | 5.0 MEDIUM | N/A |
Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message. | |||||
CVE-2001-0216 | 1 Mnscu Pals | 1 Webpals | 2024-02-04 | 7.5 HIGH | N/A |
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter. | |||||
CVE-1999-1217 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories. | |||||
CVE-2001-1478 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code. | |||||
CVE-2002-2418 | 1 Acfp Project | 1 Acfreeproxy | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page. | |||||
CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2024-02-04 | 7.5 HIGH | N/A |
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
CVE-1999-0572 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 9.3 HIGH | N/A |
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. | |||||
CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | |||||
CVE-2004-0908 | 1 Mozilla | 2 Mozilla, Thunderbird | 2024-02-04 | 4.0 MEDIUM | N/A |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | |||||
CVE-2003-0493 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-04 | 10.0 HIGH | N/A |
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. | |||||
CVE-2001-0633 | 1 Sun | 1 Chilisoft | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'. | |||||
CVE-2001-0307 | 1 Bajie | 1 Java Http Server | 2024-02-04 | 7.5 HIGH | N/A |
Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist. |