Total
254282 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2024-02-04 | 7.5 HIGH | N/A |
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
CVE-1999-0800 | 1 Allaire | 1 Forums | 2024-02-04 | 5.0 MEDIUM | N/A |
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. | |||||
CVE-2001-0973 | 1 Fraunhofer Fit | 1 Bscw | 2024-02-04 | 6.4 MEDIUM | N/A |
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. | |||||
CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | |||||
CVE-1999-1590 | 1 Wwwcount | 1 Wwwcount | 2024-02-04 | 3.5 LOW | N/A |
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021. | |||||
CVE-2001-0902 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. | |||||
CVE-2001-0850 | 1 Caldera | 1 Openlinux | 2024-02-04 | 10.0 HIGH | N/A |
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow. | |||||
CVE-2002-2006 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets. | |||||
CVE-2000-0454 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. | |||||
CVE-2000-1160 | 1 Network Associates | 1 Sniffer Agent | 2024-02-04 | 5.0 MEDIUM | N/A |
NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests. | |||||
CVE-2002-0392 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | |||||
CVE-2002-2328 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.1 HIGH | N/A |
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. | |||||
CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | |||||
CVE-1999-0469 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. | |||||
CVE-2000-0281 | 1 Napster | 1 Napster Client | 2024-02-04 | 2.1 LOW | N/A |
Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message. | |||||
CVE-2002-1999 | 1 Hp | 1 Praesidium Webproxy | 2024-02-04 | 5.0 MEDIUM | N/A |
HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. | |||||
CVE-2004-1851 | 1 Dameware Development | 1 Mini Remote Control Server | 2024-02-04 | 7.5 HIGH | N/A |
Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing. | |||||
CVE-2000-0294 | 1 Jim Housley | 1 Healthd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. | |||||
CVE-2002-2260 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. | |||||
CVE-1999-1034 | 1 Att | 1 Svr4 | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. |