Total
253990 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1882 | 1 Oracle | 1 E-business Suite | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. | |||||
CVE-2004-1786 | 1 Iatek | 1 Portalapp | 2024-02-04 | 5.0 MEDIUM | N/A |
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | |||||
CVE-1999-0520 | 2024-02-04 | 6.4 MEDIUM | N/A | ||
A system-critical NETBIOS/SMB share has inappropriate access control. | |||||
CVE-2002-1554 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-04 | 4.6 MEDIUM | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | |||||
CVE-1999-0761 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. | |||||
CVE-2004-0214 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 98 and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | |||||
CVE-2004-0620 | 1 Jelsoft | 1 Vbulletin | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attackers to inject arbitrary HTML or script as other users via the Edit-panel. | |||||
CVE-2003-1122 | 1 Scriptlogic | 1 Scriptlogic | 2024-02-04 | 2.1 LOW | N/A |
ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code. | |||||
CVE-2004-1816 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||||
CVE-2000-1050 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). | |||||
CVE-2004-0651 | 1 Sun | 2 Jre, Sdk | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). | |||||
CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2024-02-04 | 5.0 MEDIUM | N/A |
Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | |||||
CVE-2004-1778 | 1 Skype | 1 Skype | 2024-02-04 | 4.6 MEDIUM | N/A |
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks. | |||||
CVE-2000-0849 | 1 Microsoft | 1 Windows Media Services | 2024-02-04 | 2.6 LOW | N/A |
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability. | |||||
CVE-1999-1510 | 1 Bisonware | 1 Bisonware Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands. | |||||
CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2024-02-04 | 7.2 HIGH | N/A |
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | |||||
CVE-2004-1446 | 1 Juniper | 1 Netscreen Screenos | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. | |||||
CVE-1999-0091 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in AIX writesrv command allows local users to obtain root access. | |||||
CVE-2004-1790 | 1 Edimax | 1 Full Rate Adsl Router | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
CVE-1999-0453 | 1 Cisco | 1 Router | 2024-02-04 | 5.0 MEDIUM | N/A |
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). |