Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1665 | 1 Psnews | 1 Psnews | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter. | |||||
CVE-2000-0759 | 1 Apache | 1 Tomcat | 2024-02-04 | 6.4 MEDIUM | N/A |
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | |||||
CVE-2003-0275 | 1 Yabb | 1 Yabb | 2024-02-04 | 5.1 MEDIUM | N/A |
SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2001-1231 | 1 Novell | 1 Groupwise | 2024-02-04 | 5.0 MEDIUM | N/A |
GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix. | |||||
CVE-1999-0549 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
Windows NT automatically logs in an administrator upon rebooting. | |||||
CVE-2002-0167 | 1 Enlightenment | 1 Imlib | 2024-02-04 | 7.5 HIGH | N/A |
Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM. | |||||
CVE-1999-0891 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. | |||||
CVE-2002-1466 | 1 Cafelog | 1 B2 | 2024-02-04 | 10.0 HIGH | N/A |
CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable. | |||||
CVE-2002-1962 | 1 Finjan Software | 1 Surfingate | 2024-02-04 | 7.5 HIGH | N/A |
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. | |||||
CVE-2004-0125 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table. | |||||
CVE-2001-0861 | 1 Cisco | 1 12000 Router | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. | |||||
CVE-2002-1863 | 1 Iomega | 1 Network Attached Storage | 2024-02-04 | 4.6 MEDIUM | N/A |
Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled. | |||||
CVE-2004-1783 | 1 Net2soft | 1 Flash Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. (slash dot dot). | |||||
CVE-2002-1379 | 1 Openldap | 1 Openldap | 2024-02-04 | 7.5 HIGH | N/A |
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | |||||
CVE-2002-0371 | 2 Microsoft, University Of Minnesota | 4 Internet Explorer, Isa Server, Proxy Server and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. | |||||
CVE-2000-0122 | 1 Microsoft | 1 Frontpage | 2024-02-04 | 5.0 MEDIUM | N/A |
Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program. | |||||
CVE-2002-1264 | 1 Oracle | 1 Oracle9i | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL. | |||||
CVE-2002-1120 | 1 Savant | 1 Savant Web Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-1999-0695 | 1 Sybase | 1 Powerdynamo | 2024-02-04 | 5.0 MEDIUM | N/A |
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack. | |||||
CVE-2004-0732 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to execute arbitrary SQL statements via the instory parameter. |