Total: 254001 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1738 | 1 Jshop E-commerce | 1 Jshop Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter. | |||||
CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | |||||
CVE-2000-1241 | 1 Sips | 1 Sips | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | |||||
CVE-2002-1966 | 1 My Postcards | 1 My Postcards Platinum | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | |||||
CVE-2004-2215 | 1 Marc Lehmann | 1 Rxvt-unicode | 2024-02-04 | 4.6 MEDIUM | N/A |
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | |||||
CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2024-02-04 | 5.0 MEDIUM | N/A |
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | |||||
CVE-2004-0133 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device. | |||||
CVE-2004-1518 | 1 Phorum | 1 Phorum | 2024-02-04 | 4.6 MEDIUM | N/A |
SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbitrary SQL command via the forum_id parameter. | |||||
CVE-2004-0762 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-04 | 5.0 MEDIUM | N/A |
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. | |||||
CVE-2002-1419 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. | |||||
CVE-2000-1154 | 1 Joe Kloss | 1 Robinhood | 2024-02-04 | 5.0 MEDIUM | N/A |
RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
CVE-2001-0144 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-02-04 | 10.0 HIGH | N/A |
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. | |||||
CVE-2000-1001 | 1 Element N.v | 1 Element Instantshop | 2024-02-04 | 7.5 HIGH | N/A |
add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable. | |||||
CVE-2004-2107 | 1 Finjan Software | 1 Surfingate | 2024-02-04 | 7.5 HIGH | N/A |
Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server. | |||||
CVE-2002-1317 | 4 Hp, Sgi, Sun and 1 more | 5 Hp-ux, Irix, Solaris and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | |||||
CVE-2002-2424 | 1 Ekilat Llc | 1 Php(reactor) | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag. | |||||
CVE-2001-1073 | 1 Webridge | 1 Px Application Suite | 2024-02-04 | 5.0 MEDIUM | N/A |
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (2) PATH_TRANSLATED, and (3) LOCAL_ADDR. | |||||
CVE-2002-1023 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 5.0 MEDIUM | N/A |
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. | |||||
CVE-2003-0023 | 1 Rxvt | 1 Rxvt | 2024-02-04 | 5.0 MEDIUM | N/A |
The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. |