Total: 253954 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1388 | 1 Opera | 1 Opera Browser | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | |||||
CVE-2004-2235 | 1 Moodle | 1 Moodle | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | |||||
CVE-2000-0464 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.6 HIGH | N/A |
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. | |||||
CVE-2004-1656 | 1 Comersus Open Technologies | 1 Comersus Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter. | |||||
CVE-1999-1515 | 1 Tenfour | 1 Tfs Gateway | 2024-02-04 | 5.0 MEDIUM | N/A |
A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to continuously try to return the message every 10 seconds. | |||||
CVE-2001-1513 | 1 Macromedia | 1 Jrun | 2024-02-04 | 7.5 HIGH | N/A |
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx. | |||||
CVE-2003-0573 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. | |||||
CVE-2002-0017 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request. | |||||
CVE-2002-0114 | 1 Emc | 1 Networker | 2024-02-04 | 4.6 MEDIUM | N/A |
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | |||||
CVE-1999-0424 | 1 Netscape | 1 Communicator | 2024-02-04 | 2.1 LOW | N/A |
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. | |||||
CVE-1999-0843 | 1 Cisco | 1 Router | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port. | |||||
CVE-2004-2244 | 1 Oracle | 2 Application Server, Oracle9i | 2024-02-04 | 5.0 MEDIUM | N/A |
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD. | |||||
CVE-2002-2316 | 1 Cisco | 1 Catos | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | |||||
CVE-2001-1502 | 1 Mountain Network Systems | 1 Webcart | 2024-02-04 | 7.5 HIGH | N/A |
webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter. | |||||
CVE-2003-1286 | 1 Sambar | 1 Sambar Server | 2024-02-04 | 7.5 HIGH | N/A |
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests. | |||||
CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-04 | 10.0 HIGH | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | |||||
CVE-2000-0740 | 1 Network Associates | 1 Net Tools Pki Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port. | |||||
CVE-2002-1505 | 1 Woltlab | 1 Burning Board | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter. | |||||
CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 7.5 HIGH | N/A |
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | |||||
CVE-1999-0571 | | | 2024-02-04 | 10.0 HIGH | N/A |
A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. | |||||