Total
253940 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1556 | 1 Mywebserver | 1 Mywebserver | 2024-02-04 | 5.0 MEDIUM | N/A |
MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time. | |||||
CVE-2002-1842 | 1 Perlbot | 1 Perlbot | 2024-02-04 | 7.5 HIGH | N/A |
Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (1) a word that is being spell checked or (2) an e-mail address. | |||||
CVE-2000-0307 | 1 Sco | 3 Open Desktop, Openserver, Unixware | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||||
CVE-1999-0448 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | |||||
CVE-2004-2155 | 1 Online-bookmarks | 1 Web Based Bookmark Application | 2024-02-04 | 7.5 HIGH | N/A |
Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php. | |||||
CVE-2003-1060 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. | |||||
CVE-2004-1685 | 1 Smc Networks | 2 Smc7004vwbr, Smc7008abr | 2024-02-04 | 7.5 HIGH | N/A |
SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages. | |||||
CVE-2000-0252 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. | |||||
CVE-2001-0338 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.1 MEDIUM | N/A |
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." | |||||
CVE-2002-0994 | 1 Sun | 1 Sun Pci Ii Driver | 2024-02-04 | 7.5 HIGH | N/A |
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications. | |||||
CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2024-02-04 | 5.0 MEDIUM | N/A |
wwwboard allows a remote attacker to delete message board articles via a malformed argument. | |||||
CVE-2000-1034 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability. | |||||
CVE-2004-1550 | 1 Motorola | 1 Wr850g | 2024-02-04 | 7.5 HIGH | N/A |
Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | |||||
CVE-2003-1332 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | |||||
CVE-2002-0875 | 2 Debian, Sgi | 3 Debian Linux, Fam, Irix | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | |||||
CVE-2000-0767 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. | |||||
CVE-2002-1919 | 1 Virtual Programming | 1 Vp-asp | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields. | |||||
CVE-2004-0536 | 1 Tripwire | 1 Tripwire | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report. | |||||
CVE-2003-1219 | 1 Oscommerce | 1 Oscommerce | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter. | |||||
CVE-2003-1396 | 1 Opera | 1 Opera Browser | 2024-02-04 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension. |