Total
253847 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0477 | 1 3com | 1 3cp4144 | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password. NOTE: this identifier was inadvertently re-used for another issue due to a typo; that issue was assigned CVE-2004-0447. This candidate is ONLY for the ADSL router bypass. | |||||
CVE-1999-0757 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 2.1 LOW | N/A |
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | |||||
CVE-2000-0401 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. | |||||
CVE-1999-0151 | 1 Satan | 1 Satan | 2024-02-04 | 7.6 HIGH | N/A |
The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access. | |||||
CVE-2003-1214 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions. | |||||
CVE-2001-0593 | 1 Anaconda Partners | 1 Clipper | 2024-02-04 | 5.0 MEDIUM | N/A |
Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the template parameter. | |||||
CVE-2002-2345 | 1 Oracle | 1 Application Server | 2024-02-04 | 7.5 HIGH | N/A |
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. | |||||
CVE-2000-0676 | 1 Netscape | 1 Communicator | 2024-02-04 | 5.0 MEDIUM | N/A |
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice. | |||||
CVE-1999-0483 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 2.1 LOW | N/A |
OpenBSD crash using nlink value in FFS and EXT2FS filesystems. | |||||
CVE-1999-0662 | 2024-02-04 | 10.0 HIGH | N/A | ||
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. | |||||
CVE-2000-0635 | 1 Akopia | 1 Minivend | 2024-02-04 | 7.5 HIGH | N/A |
The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2000-0569 | 1 Sybergen | 1 Sygate | 2024-02-04 | 5.0 MEDIUM | N/A |
Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP packet to its internal interface. | |||||
CVE-2003-1376 | 1 Winzip | 1 Winzip | 2024-02-04 | 4.6 MEDIUM | N/A |
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. | |||||
CVE-2002-1551 | 1 Ibm | 1 Aix | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. | |||||
CVE-1999-1091 | 2 Rtin, Tin | 2 Rtin, Tin | 2024-02-04 | 5.0 MEDIUM | N/A |
UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack. | |||||
CVE-2003-0204 | 1 Kde | 1 Kde | 2024-02-04 | 7.5 HIGH | N/A |
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer. | |||||
CVE-2002-0185 | 1 Apache | 1 Mod Python | 2024-02-04 | 7.5 HIGH | N/A |
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | |||||
CVE-2004-1860 | 1 Xmb Forum | 1 Xmb | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker. | |||||
CVE-2001-0541 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file. | |||||
CVE-2001-1448 | 1 Magic | 1 Edeveloper | 2024-02-04 | 4.6 MEDIUM | N/A |
Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts. |