Total
253993 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1315 | 1 Iplanet | 1 Iplanet Web Server | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316). | |||||
| CVE-1999-1468 | 4 Cray, Next, Sgi and 1 more | 4 Unicos, Next, Irix and 1 more | 2024-02-04 | 6.2 MEDIUM | N/A |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. | |||||
| CVE-2003-0969 | 1 Mpg321 | 1 Mpg321 | 2024-02-04 | 7.5 HIGH | N/A |
| mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability. | |||||
| CVE-2001-0708 | 1 Denicomp | 1 Rexecd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. | |||||
| CVE-1999-0923 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 7.5 HIGH | N/A |
| Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. | |||||
| CVE-2001-0777 | 1 Omnicron | 1 Omnihttpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. | |||||
| CVE-2004-0036 | 1 Jelsoft | 1 Vbulletin | 2024-02-04 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter. | |||||
| CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 2.1 LOW | N/A |
| Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | |||||
| CVE-2003-1536 | 1 Dcp-portal | 1 Dcp-portal | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php. | |||||
| CVE-2003-1509 | 1 Realnetworks | 2 Realone Enterprise Desktop, Realone Player | 2024-02-04 | 10.0 HIGH | N/A |
| Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | |||||
| CVE-1999-0117 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
| AIX passwd allows local users to gain root access. | |||||
| CVE-2002-0848 | 1 Cisco | 2 Vpn 5000 Concentrator, Vpn 5000 Concentrator Series Software | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing. | |||||
| CVE-2004-0764 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-04 | 10.0 HIGH | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | |||||
| CVE-2002-0576 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message. | |||||
| CVE-2002-1608 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||||
| CVE-2004-1509 | 1 Webcalendar | 1 Webcalendar | 2024-02-04 | 5.0 MEDIUM | N/A |
| validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message. | |||||
| CVE-2000-0774 | 1 Bajie | 1 Java Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root. | |||||
| CVE-2003-0574 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028. | |||||
| CVE-2000-0455 | 1 David Bagley | 1 Xlock | 2024-02-04 | 2.1 LOW | N/A |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | |||||
| CVE-1999-1478 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. | |||||