Total
253999 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1926 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-02-04 | 7.5 HIGH | N/A |
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or the (5) Name, (6) Description, (7) URL, or (8) Country fields in a Directory/Add Site operation. | |||||
CVE-2003-0015 | 2 Cvs, Freebsd | 2 Cvs, Freebsd | 2024-02-04 | 7.5 HIGH | N/A |
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | |||||
CVE-1999-0700 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 6.2 MEDIUM | N/A |
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. | |||||
CVE-2004-0707 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL. | |||||
CVE-2003-1006 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||||
CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2024-02-04 | 5.1 MEDIUM | N/A |
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
CVE-2003-0772 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ipswitch Ws Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments. | |||||
CVE-2003-0851 | 2 Cisco, Openssl | 5 Css11000 Content Services Switch, Ios, Pix Firewall and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | |||||
CVE-2002-1200 | 1 Oneidentity | 1 Syslog-ng | 2024-02-04 | 7.5 HIGH | N/A |
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco Cache Engine allows an attacker to replace content in the cache. | |||||
CVE-2004-1882 | 1 Cactusoft | 1 Cactushop | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter. | |||||
CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||||
CVE-1999-0877 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.3 MEDIUM | N/A |
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. | |||||
CVE-2004-1717 | 1 Gv | 1 Gv | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value. | |||||
CVE-2004-2000 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php. | |||||
CVE-2000-0589 | 1 Sawmill | 1 Sawmill | 2024-02-04 | 7.5 HIGH | N/A |
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration. | |||||
CVE-2004-0203 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query. | |||||
CVE-1999-0879 | 2 Bsdi, Caldera | 2 Bsd Os, Openlinux | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. | |||||
CVE-2002-2104 | 1 Ganglia | 1 Php Rrd Web Client | 2024-02-04 | 7.5 HIGH | N/A |
graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function. | |||||
CVE-2001-0801 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. |