Total
253942 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1368 | 1 Broadcom | 1 Inoculateit | 2024-02-04 | 7.5 HIGH | N/A |
AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox. | |||||
CVE-2001-1127 | 1 Progress | 1 Progress | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump. | |||||
CVE-2002-1833 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2024-02-04 | 7.5 HIGH | N/A |
The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges. | |||||
CVE-2000-0825 | 1 Ipswitch | 1 Imail | 2024-02-04 | 5.0 MEDIUM | N/A |
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. | |||||
CVE-2001-0019 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2024-02-04 | 2.1 LOW | N/A |
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. | |||||
CVE-2004-1754 | 1 Symantec | 2 Enterprise Firewall, Gateway Security | 2024-02-04 | 5.0 MEDIUM | N/A |
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | |||||
CVE-2000-1188 | 1 I-soft | 1 Quikstore | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter. | |||||
CVE-2002-0474 | 1 Zeroforum | 1 Zeroforum | 2024-02-04 | 5.1 MEDIUM | N/A |
Cross-site scripting vulnerability in ZeroForum allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within IMG image tag. | |||||
CVE-2001-0917 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension. | |||||
CVE-2002-0329 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag. | |||||
CVE-2004-1530 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. | |||||
CVE-1999-1117 | 1 Ibm | 1 Aix | 2024-02-04 | 2.1 LOW | N/A |
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. | |||||
CVE-2000-0921 | 1 Hassan Consulting | 1 Shopping Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | |||||
CVE-2000-0311 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 2.1 LOW | N/A |
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability. | |||||
CVE-2004-0408 | 1 Michael Bacarella | 1 Ident2 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. | |||||
CVE-1999-1275 | 1 Ibm | 1 Lotus Cc Mail | 2024-02-04 | 4.6 MEDIUM | N/A |
Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||||
CVE-2001-0027 | 1 Proftpd Project | 1 Proftpd | 2024-02-04 | 7.5 HIGH | N/A |
mod_sqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users. | |||||
CVE-2000-0156 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.1 MEDIUM | N/A |
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | |||||
CVE-2002-2299 | 1 Atthat.com | 1 Thatware | 2024-02-04 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in thatfile.php in Thatware 0.3 through 0.5.2 allows remote attackers to execute arbitrary PHP code via the root_path parameter. | |||||
CVE-2002-0471 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2024-02-04 | 10.0 HIGH | N/A |
PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable. |