Total
254281 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1693 | 1 Mambo | 1 Mambo | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2000-0601 | 1 Leafdigital | 1 Leafchat | 2024-02-04 | 5.0 MEDIUM | N/A |
| LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of service by rapidly sending a large amount of error messages. | |||||
| CVE-2004-0229 | 2 Gentoo, Linux | 2 Linux, Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
| The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact. | |||||
| CVE-2001-0828 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.1 MEDIUM | N/A |
| A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript. | |||||
| CVE-1999-1019 | 1 Cabletron | 1 Spectrum Enterprise Manager | 2024-02-04 | 7.2 HIGH | N/A |
| SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise. | |||||
| CVE-2004-2096 | 1 Mephistoles Internet Suite | 1 Mephistoles Httpd | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL. | |||||
| CVE-2001-0596 | 1 Netscape | 1 Communicator | 2024-02-04 | 7.5 HIGH | N/A |
| Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | |||||
| CVE-2002-0553 | 1 Turnkey Solutions | 1 Sunshop Shopping Cart | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration. | |||||
| CVE-2000-0783 | 1 Watchguard | 1 Firebox | 2024-02-04 | 5.0 MEDIUM | N/A |
| Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100. | |||||
| CVE-2004-2007 | 1 Adam Webb | 1 Nukejokes | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the (1) cat parameter in a CatView function or (2) jokeid parameter in a JokeView function. | |||||
| CVE-2002-1112 | 1 Mantis | 1 Mantis | 2024-02-04 | 5.0 MEDIUM | N/A |
| Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page. | |||||
| CVE-2002-0668 | 1 Pingtel | 1 Xpressa | 2024-02-04 | 7.5 HIGH | N/A |
| The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls. | |||||
| CVE-2002-0191 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability. | |||||
| CVE-2000-0490 | 1 Netwin | 1 Dmail | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request. | |||||
| CVE-2003-0578 | 1 Ibm | 1 U2 Universe | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. | |||||
| CVE-1999-0875 | 2 Microsoft, Sun | 5 Windows 2000, Windows 95, Windows 98se and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
| DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | |||||
| CVE-2002-1989 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. | |||||
| CVE-2002-2426 | 1 Citrix | 3 Access Essentials, Metaframe Presentation Server, Presentation Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2004-2038 | 1 Neocrome | 1 Land Down Under | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. | |||||
| CVE-2002-0691 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | |||||