Total
253975 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1404 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents the connection from being closed properly. | |||||
CVE-1999-1128 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.1 MEDIUM | N/A |
Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user. | |||||
CVE-2004-1990 | 1 Aldo Vargas | 1 Aldos Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request. | |||||
CVE-2001-1116 | 1 Identix | 1 Biologon | 2024-02-04 | 4.6 MEDIUM | N/A |
Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display. | |||||
CVE-2004-0488 | 8 Apache, Gentoo, Mandrakesoft and 5 more | 10 Http Server, Linux, Mandrake Linux and 7 more | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
CVE-1999-0869 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2024-02-04 | 2.6 LOW | N/A |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | |||||
CVE-2003-0124 | 1 Andries Brouwer | 1 Man | 2024-02-04 | 4.6 MEDIUM | N/A |
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. | |||||
CVE-2003-1280 | 1 Eekim | 1 Cgihtml | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. (dot dot) in multipart/form-data uploads. | |||||
CVE-2000-0978 | 1 Bb4 | 1 Big Brother Network Monitor | 2024-02-04 | 7.5 HIGH | N/A |
bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute arbitrary commands via the "&" shell metacharacter. | |||||
CVE-2002-2215 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | |||||
CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | |||||
CVE-2003-1301 | 1 Sun | 1 Jre | 2024-02-04 | 5.0 MEDIUM | N/A |
Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. | |||||
CVE-2000-0167 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 2.1 LOW | N/A |
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | |||||
CVE-2004-0065 | 1 Phpgedview | 1 Phpgedview | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php. | |||||
CVE-2000-1030 | 1 Csandt | 1 Corporatetime For The Web | 2024-02-04 | 5.0 MEDIUM | N/A |
CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | |||||
CVE-2001-0543 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. | |||||
CVE-2003-0269 | 1 Youbin | 1 Youbin | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. | |||||
CVE-2002-0229 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements. | |||||
CVE-2002-1901 | 1 Bodo Bauer | 1 Bbgallery | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags. | |||||
CVE-2000-0655 | 2 Mozilla, Netscape | 2 Mozilla, Communicator | 2024-02-04 | 5.0 MEDIUM | N/A |
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. |