Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2200 | 1 Duware | 1 Duforum | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. | |||||
CVE-1999-0753 | 1 Hughes | 1 Msql | 2024-02-04 | 7.5 HIGH | N/A |
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories. | |||||
CVE-2001-1203 | 1 Alessandro Rubini | 1 Gpm | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. | |||||
CVE-2004-0115 | 1 Microsoft | 1 Virtual Pc | 2024-02-04 | 4.6 MEDIUM | N/A |
VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file. | |||||
CVE-2004-0345 | 1 Volition | 1 Red Faction | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name. | |||||
CVE-2001-1373 | 1 Zonelabs | 1 Zonealarm | 2024-02-04 | 5.0 MEDIUM | N/A |
MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments. | |||||
CVE-2002-1694 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running. | |||||
CVE-2002-1633 | 1 Qnx | 1 Qnx Rtos | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to (1) sample, (2) ex, (3) du, (4) find, (5) lex, (6) mkdir, (7) rm, (8) serserv, (9) tcpserv, (10) termdef, (11) time, (12) unzip, (13) use, (14) wcc, (15) wcc386, (16) wd, (17) wdisasm, (18) which, (19) wlib, (20) wlink, (21) wpp, (22) wpp386, (23) wprof, (24) write, or (25) wstrip. | |||||
CVE-2003-0610 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | |||||
CVE-2001-1157 | 1 Baltimore Technologies | 1 Websweeper | 2024-02-04 | 7.5 HIGH | N/A |
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode. | |||||
CVE-2000-0277 | 1 Microsoft | 1 Excel | 2024-02-04 | 7.2 HIGH | N/A |
Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability. | |||||
CVE-2001-0198 | 1 Apple | 1 Quicktime | 2024-02-04 | 7.6 HIGH | N/A |
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
CVE-2002-0678 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2024-02-04 | 7.2 HIGH | N/A |
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. | |||||
CVE-1999-0468 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. | |||||
CVE-2004-2095 | 1 Niels Provos | 1 Honeyd | 2024-02-04 | 5.0 MEDIUM | N/A |
Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd. | |||||
CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2024-02-04 | 7.5 HIGH | N/A |
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
CVE-1999-0800 | 1 Allaire | 1 Forums | 2024-02-04 | 5.0 MEDIUM | N/A |
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. | |||||
CVE-2001-0973 | 1 Fraunhofer Fit | 1 Bscw | 2024-02-04 | 6.4 MEDIUM | N/A |
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. | |||||
CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | |||||
CVE-1999-1590 | 1 Wwwcount | 1 Wwwcount | 2024-02-04 | 3.5 LOW | N/A |
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021. |