Total
254040 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1209 | 1 Sco | 2 Open Desktop, Openserver | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges. | |||||
| CVE-2002-0135 | 1 Netopia | 1 Timbuktu Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420). | |||||
| CVE-2003-0462 | 2 Linux, Mandrakesoft | 4 Linux Kernel, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2024-02-04 | 1.2 LOW | N/A |
| A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | |||||
| CVE-2004-0259 | 1 Joe Lumbroso Acks | 1 Formmail.php | 2024-02-04 | 9.3 HIGH | N/A |
| The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue. | |||||
| CVE-2002-2062 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. | |||||
| CVE-2003-0771 | 1 Apache Gallery | 1 Apache Gallery | 2024-02-04 | 4.6 MEDIUM | N/A |
| Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does. | |||||
| CVE-2001-1084 | 1 Macromedia | 1 Jrun | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message. | |||||
| CVE-2002-1016 | 1 Adobe | 1 Digital Editions | 2024-02-04 | 4.6 MEDIUM | N/A |
| Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files. | |||||
| CVE-2001-1092 | 1 Compaq | 1 Tru64 | 2024-02-04 | 2.1 LOW | N/A |
| msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | |||||
| CVE-1999-0306 | 1 Hp | 1 Vvos | 2024-02-04 | 7.2 HIGH | N/A |
| buffer overflow in HP xlock program. | |||||
| CVE-2001-0454 | 1 Whitsoft | 1 Slimserve | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request. | |||||
| CVE-1999-0771 | 1 Compaq | 2 Insight Management Agent, Power Management | 2024-02-04 | 5.0 MEDIUM | N/A |
| The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2002-0910 | 1 Debian | 1 Netstd | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to. | |||||
| CVE-2004-2210 | 1 Express-web | 1 Express-web Content Management System | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. | |||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2024-02-04 | 7.5 HIGH | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | |||||
| CVE-2004-0645 | 2 Abisource, Wvware | 2 Community Abiword, Wvware | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field. | |||||
| CVE-2002-0736 | 1 Microsoft | 1 Backoffice | 2024-02-04 | 10.0 HIGH | N/A |
| Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank. | |||||
| CVE-2003-0655 | 1 Cdrtools | 1 Cdrtools | 2024-02-04 | 7.2 HIGH | N/A |
| rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is running with privileges. | |||||
| CVE-2000-0020 | 1 Man And Mice | 1 Dns Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. | |||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2024-02-04 | 4.6 MEDIUM | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | |||||