Total
254033 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1925 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php, (4) tiki-browse_categories.php, (5) tiki-index.php, (6) tiki-user_tasks.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-file_galleries.php, (10) tiki-list_faqs.php, (11) tiki-list_trackers.php, (12) tiki-list_blogs.php, or via the offset parameter in (13) tiki-usermenu.php, (14) tiki-browse_categories.php, (15) tiki-index.php, (16) tiki-user_tasks.php, (17) tiki-list_faqs.php, (18) tiki-list_trackers.php, or (19) tiki-list_blogs.php. | |||||
CVE-2002-0440 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-04 | 7.5 HIGH | N/A |
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients. | |||||
CVE-2004-1384 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php. | |||||
CVE-2002-1475 | 1 Hp | 1 Tru64 | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service. | |||||
CVE-2001-0118 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-04 | 1.2 LOW | N/A |
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2003-1558 | 1 Fefe | 1 Fnord | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. | |||||
CVE-2003-0555 | 1 Imagemagick | 1 Imagemagick | 2024-02-04 | 7.5 HIGH | N/A |
ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. | |||||
CVE-2002-0605 | 1 Macromedia | 1 Flash Player | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long movie parameter. | |||||
CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 2.6 LOW | N/A |
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
CVE-2002-1313 | 1 Nullmailer | 1 Nullmailer | 2024-02-04 | 2.1 LOW | N/A |
nullmailer 1.00RC5 and earlier allows local users to cause a denial of service via an email to a local user that does not exist, which generates an error that causes nullmailer to stop sending mail to all users. | |||||
CVE-2001-0714 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 2.1 LOW | N/A |
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option. | |||||
CVE-2003-1043 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 10.0 HIGH | N/A |
SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi. | |||||
CVE-2002-2182 | 1 Seunghyun Seo | 1 Msn666 | 2024-02-04 | 6.4 MEDIUM | N/A |
Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 allows remote attackers to execute arbitrary code via a long MSN packet. | |||||
CVE-2002-1414 | 1 Inter7 | 1 Qmailadmin | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable. | |||||
CVE-2002-0690 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings. | |||||
CVE-1999-0209 | 1 Sun | 1 Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
The SunView (SunTools) selection_svc facility allows remote users to read files. | |||||
CVE-2002-2059 | 1 Intel | 4 D845bg Motherboard, D845hv Motherboard, D845pt Motherboard and 1 more | 2024-02-04 | 4.6 MEDIUM | N/A |
BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key. | |||||
CVE-2004-2019 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. | |||||
CVE-2000-0273 | 1 Symantec | 1 Pcanywhere | 2024-02-04 | 5.0 MEDIUM | N/A |
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | |||||
CVE-2002-0500 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size. |