Total: 253993 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0046 | 1 Snapstream | 1 Snapstream Pvs | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character. | |||||
CVE-2002-2236 | 1 Apt-www-proxy | 1 Apt-www-proxy | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code. | |||||
CVE-2000-0161 | 1 Microsoft | 1 Site Server | 2024-02-04 | 7.5 HIGH | N/A |
Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands. | |||||
CVE-2002-2124 | 1 Nylon | 1 Nylon | 2024-02-04 | 5.0 MEDIUM | N/A |
The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) by closing the connection while recv is executing. | |||||
CVE-1999-1411 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | |||||
CVE-2002-1823 | 1 Lonerunner | 1 Zeroo Http Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request. | |||||
CVE-2002-0512 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2024-02-04 | 4.6 MEDIUM | N/A |
startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries. | |||||
CVE-2004-1632 | 1 Moniwiki | 1 Moniwiki | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php. | |||||
CVE-2003-0554 | 1 Neomodus | 1 Direct Connect | 2024-02-04 | 5.0 MEDIUM | N/A |
NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports. | |||||
CVE-2002-0233 | 1 Eshare Communications Inc. | 1 Eshare Expressions | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in eshare Expressions 4 Web server allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
CVE-2002-1570 | 1 Ucd-snmp | 1 Ucd-snmp | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. | |||||
CVE-2002-1771 | 1 Matt Wright | 1 Formmail | 2024-02-04 | 5.0 MEDIUM | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables. | |||||
CVE-2002-1886 | 1 Tightauction | 1 Tightauction | 2024-02-04 | 5.0 MEDIUM | N/A |
TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password. | |||||
CVE-2002-0505 | 1 Cisco | 1 Call Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords. | |||||
CVE-2001-0418 | 1 Ncm | 1 Ncm Content Management System | 2024-02-04 | 5.0 MEDIUM | N/A |
content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter. | |||||
CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 4.6 MEDIUM | N/A |
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | |||||
CVE-2001-0679 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-04 | 10.0 HIGH | N/A |
A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server. | |||||
CVE-2004-1424 | 1 Moodle | 1 Moodle | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
CVE-1999-1501 | 1 Sgi | 1 Irix | 2024-02-04 | 4.6 MEDIUM | N/A |
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 do not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | |||||
CVE-2001-1156 | 1 Typsoft | 1 Typsoft Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR. | |||||