Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0728 | 1 Horde | 1 Horde | 2024-02-04 | 6.4 MEDIUM | N/A |
Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL. | |||||
CVE-2003-1189 | 1 Nokia | 1 Ipso | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors. | |||||
CVE-2002-1808 | 1 Zack Coburn | 1 Meunity Community System | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic. | |||||
CVE-1999-1423 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | |||||
CVE-2001-1337 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request. | |||||
CVE-2003-1166 | 1 Http Commander | 1 Http Commander | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-2000-0571 | 1 West Street Software | 1 Localweb Http Server | 2024-02-04 | 6.4 MEDIUM | N/A |
LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request. | |||||
CVE-2004-0399 | 1 University Of Cambridge | 1 Exim | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. | |||||
CVE-1999-0899 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. | |||||
CVE-2000-1007 | 1 Symantec | 1 I-gear | 2024-02-04 | 5.0 MEDIUM | N/A |
I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors. | |||||
CVE-2004-0806 | 1 Cdrtools | 1 Cdrecord | 2024-02-04 | 7.2 HIGH | N/A |
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. | |||||
CVE-2003-0479 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to insert arbitrary web script via the (1) Name, (2) Email, or (3) Message fields. | |||||
CVE-2004-0769 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771. | |||||
CVE-2003-0099 | 1 Apc | 1 Apcupsd | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. | |||||
CVE-2000-0108 | 1 Intelligent Vending Systems | 1 Intellivend | 2024-02-04 | 7.5 HIGH | N/A |
The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2004-1492 | 1 Quicksilver | 1 Master Of Orion Iii | 2024-02-04 | 5.0 MEDIUM | N/A |
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | |||||
CVE-2003-0372 | 1 Nessus | 1 Nessus | 2024-02-04 | 4.6 MEDIUM | N/A |
Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. | |||||
CVE-2001-0263 | 1 Gene6 | 1 G6 Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled. | |||||
CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. | |||||
CVE-2003-1345 | 1 Follett Software | 1 Webcollection Plus | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. |