Total
253990 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0521 | 1 Asp-nuke | 1 Asp-nuke | 2024-02-04 | 5.1 MEDIUM | N/A |
Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. | |||||
CVE-2004-0325 | 1 Typsoft | 1 Typsoft Ftp Server | 2024-02-04 | 2.1 LOW | N/A |
TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using "//../qwerty". | |||||
CVE-2000-1098 | 1 Sonicwall | 1 Soho Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. | |||||
CVE-2002-0337 | 1 Realnetworks | 1 Realplayer | 2024-02-04 | 5.4 MEDIUM | N/A |
RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | |||||
CVE-1999-1181 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. | |||||
CVE-2004-1879 | 1 Phpkit | 1 Phpkit | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages. | |||||
CVE-2001-1480 | 2 Apple, Sun | 4 Mac Os Runtime For Java, Jdk, Jre and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard. | |||||
CVE-2000-0633 | 3 Conectiva, Mandrakesoft, Redhat | 3 Linux, Mandrake Linux, Linux | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. | |||||
CVE-2001-0863 | 1 Cisco | 1 12000 Router | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. | |||||
CVE-2001-1160 | 1 Microburst | 1 Udirectory | 2024-02-04 | 7.5 HIGH | N/A |
udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. | |||||
CVE-2000-0521 | 1 Michael Lamont | 1 Savant Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number. | |||||
CVE-1999-0410 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. | |||||
CVE-2004-1852 | 1 Solarwinds | 1 Dameware Mini Remote Control | 2024-02-04 | 5.0 MEDIUM | N/A |
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information. | |||||
CVE-2002-1340 | 1 Microsoft | 1 Office Web Components | 2024-02-04 | 5.0 MEDIUM | N/A |
The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception. | |||||
CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 7.5 HIGH | N/A |
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
CVE-2002-1318 | 3 Hp, Samba, Sgi | 3 Cifs-9000 Server, Samba, Irix | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | |||||
CVE-1999-1384 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | |||||
CVE-2004-1959 | 1 Protector System | 1 Protector System | 2024-02-04 | 5.0 MEDIUM | N/A |
blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | |||||
CVE-2004-0282 | 1 Crob | 1 Crob Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server. | |||||
CVE-2002-0664 | 1 Granite Software | 1 Zmerge | 2024-02-04 | 7.5 HIGH | N/A |
The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts. |