Total: 253942 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1242 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php. | |||||
CVE-2001-1468 | 1 Secure Reality | 1 Phpsecurepages | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2003-0523 | 1 Early Impact | 1 Productcart | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allows remote attackers to execute arbitrary web script via the message parameter. | |||||
CVE-2003-0584 | 1 Tolis Group | 1 Bru | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument. | |||||
CVE-2001-0336 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. | |||||
CVE-2004-0038 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-02-04 | 7.5 HIGH | N/A |
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. | |||||
CVE-2002-2155 | 1 Cerulean Studios | 1 Trillian | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name. | |||||
CVE-1999-0768 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. | |||||
CVE-2004-1907 | 1 Kerio | 1 Personal Firewall | 2024-02-04 | 2.6 LOW | N/A |
The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". | |||||
CVE-2002-1192 | 2 Netbsd, Rogue | 2 Netbsd, Rogue | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allow local users to gain "games" group privileges via malformed entries in a game save file. | |||||
CVE-2002-0989 | 1 Rob Flynn | 1 Gaim | 2024-02-04 | 7.5 HIGH | N/A |
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. | |||||
CVE-2002-2318 | 1 Blueface | 1 Falcon Web Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages. | |||||
CVE-1999-0815 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | |||||
CVE-1999-0423 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. | |||||
CVE-2004-0943 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
CVE-2000-0089 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability. | |||||
CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
CVE-2000-0730 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges. | |||||
CVE-2002-0309 | 1 Symantec | 1 Enterprise Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information. | |||||
CVE-2002-0901 | 1 Amanda | 1 Amanda | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar. |