Total
253987 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1929 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter. | |||||
| CVE-2003-0144 | 4 Bsd, Freebsd, Lprold and 1 more | 4 Lpr, Freebsd, Lprold and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | |||||
| CVE-2002-0741 | 1 Psychoid | 1 Psybnc | 2024-02-04 | 5.0 MEDIUM | N/A |
| psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC. | |||||
| CVE-2001-1525 | 1 Easyscripts | 1 Easynews | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter. | |||||
| CVE-2004-1324 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 2.6 LOW | N/A |
| The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer. | |||||
| CVE-2001-0333 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. | |||||
| CVE-1999-0735 | 1 Kde | 1 K-mail | 2024-02-04 | 4.6 MEDIUM | N/A |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. | |||||
| CVE-2004-0847 | 1 Microsoft | 1 Asp.net | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability." | |||||
| CVE-2000-0047 | 1 Yahoo | 1 Pager | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. | |||||
| CVE-2002-0983 | 1 Irssi | 1 Irssi | 2024-02-04 | 5.0 MEDIUM | N/A |
| IRC client irssi in irssi-text before 0.8.4 allows remote attackers to cause a denial of service (crash) via an IRC channel that has a long topic followed by a certain string, possibly triggering a buffer overflow. | |||||
| CVE-2000-1112 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 4.6 MEDIUM | N/A |
| Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability. | |||||
| CVE-2000-0004 | 1 Zbsoft | 1 Zbserver | 2024-02-04 | 5.0 MEDIUM | N/A |
| ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL. | |||||
| CVE-2002-1134 | 1 Hp | 1 Webes Service Tools | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files. | |||||
| CVE-2002-0490 | 1 Instant Web Mail | 1 Instant Web Mail | 2024-02-04 | 10.0 HIGH | N/A |
| Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php. | |||||
| CVE-1999-0386 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL. | |||||
| CVE-2002-2074 | 1 Erwin Lansing | 1 Mailidx | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page. | |||||
| CVE-2004-2205 | 1 Symantec Veritas | 1 Cluster Server | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors. | |||||
| CVE-2004-2008 | 1 Adam Webb | 1 Nukejokes | 2024-02-04 | 4.6 MEDIUM | N/A |
| SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter. | |||||
| CVE-2004-0390 | 1 Sco | 1 Openserver | 2024-02-04 | 7.5 HIGH | N/A |
| SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. | |||||
| CVE-2002-1104 | 1 Cisco | 1 Vpn Client | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). | |||||