Total
254009 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1529 | 1 Surfcontrol | 1 Superscout Email Filter | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter. | |||||
CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2024-02-04 | 2.1 LOW | N/A |
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | |||||
CVE-2002-1602 | 1 Gnu | 1 Screen | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code. | |||||
CVE-2003-1497 | 1 Linksys | 1 Befsx41 | 2024-02-04 | 6.3 MEDIUM | N/A |
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. | |||||
CVE-2002-2230 | 1 Ikonboard | 1 Ikonboard | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328. | |||||
CVE-2002-0771 | 1 Viewcvs | 1 Viewcvs | 2024-02-04 | 6.4 MEDIUM | N/A |
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters. | |||||
CVE-2003-0822 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. | |||||
CVE-2000-0900 | 1 Acme Labs | 1 Thttpd | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack. | |||||
CVE-2000-0563 | 1 Apple | 1 Mac Os Runtime For Java | 2024-02-04 | 10.0 HIGH | N/A |
The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model. | |||||
CVE-2004-1913 | 2 Francisco Burzi, Shiba-design | 2 Php-nuke, Nukecalendar | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to inject arbitrary web script or HTML via the eid parameter. | |||||
CVE-1999-1172 | 1 Maximizer | 1 Maximizer Enterprise | 2024-02-04 | 5.0 MEDIUM | N/A |
By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared. | |||||
CVE-2004-0017 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. | |||||
CVE-2004-1411 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-04 | 2.6 LOW | N/A |
Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | |||||
CVE-2001-1207 | 1 Daydream | 1 Daydream Bbs | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA. | |||||
CVE-2002-0817 | 1 William Deich | 1 Super | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. | |||||
CVE-2002-1195 | 1 Gabriele Bartolini | 1 Ht Check | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page. | |||||
CVE-2000-0283 | 1 Sgi | 1 Irix | 2024-02-04 | 6.4 MEDIUM | N/A |
The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. | |||||
CVE-2001-1422 | 1 Att | 1 Winvnc | 2024-02-04 | 7.5 HIGH | N/A |
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | |||||
CVE-2003-0359 | 1 Stichting Mathematisch Centrum | 1 Nethack | 2024-02-04 | 4.6 MEDIUM | N/A |
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code. | |||||
CVE-1999-1131 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization. |