Total
253921 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0955 | 1 Cisco | 1 Virtual Central Office 4000 | 2024-02-04 | 7.5 HIGH | N/A |
| Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges. | |||||
| CVE-2002-1292 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-04 | 7.5 HIGH | N/A |
| The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by modifying the (1) deniedDefinitionPackages or (2) deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running. | |||||
| CVE-2004-1874 | 1 Alan Ward | 1 A-cart | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART Pro and A-CART 2.0 allow remote attackers to inject arbitrary web script or HTML via the user information forms. | |||||
| CVE-2001-1538 | 1 Speedxess | 1 Ha-120 Dsl Router | 2024-02-04 | 7.5 HIGH | N/A |
| SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. | |||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | |||||
| CVE-2002-2265 | 2 Hp, Open Source Internet Solutions | 2 Tru64, Open Source Internet Solutions | 2024-02-04 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions (OSIS) 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack vectors. | |||||
| CVE-2004-1675 | 1 Solarwinds | 1 Serv-u File Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. | |||||
| CVE-2002-2189 | 2 Activxperts Software, Microsoft | 2 Activwebserver, Windows 2003 Server | 2024-02-04 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link. | |||||
| CVE-2001-1135 | 1 Zyxel | 1 Prestige | 2024-02-04 | 7.5 HIGH | N/A |
| ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the external WAN interface from inside access, allowing someone on an internal computer to reconfigure the router, if the password is known. | |||||
| CVE-2002-1489 | 1 Planetdns | 1 Planetweb | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name. | |||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | |||||
| CVE-2001-0321 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
| opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. | |||||
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2003-0657 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions. | |||||
| CVE-2004-2254 | 1 Netwin | 1 Surgeldap | 2024-02-04 | 7.5 HIGH | N/A |
| SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. | |||||
| CVE-2003-0346 | 1 Microsoft | 1 Directx | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow. | |||||
| CVE-2003-1228 | 1 Mathopd | 1 Mathopd | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | |||||
| CVE-2001-0701 | 1 Sun | 1 Sunvts | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. | |||||
| CVE-2001-0397 | 1 Silent Runner | 1 Silent Runner Collector Src | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command. | |||||
| CVE-2003-0536 | 1 Phpsysinfo | 1 Phpsysinfo | 2024-02-04 | 3.6 LOW | N/A |
| Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters. | |||||