Total
254037 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2421 | 1 Andrey Cherezov | 1 Acweb | 2024-02-04 | 7.8 HIGH | N/A |
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2. | |||||
CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||||
CVE-2004-0218 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
CVE-2000-0990 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2024-02-04 | 7.5 HIGH | N/A |
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username. | |||||
CVE-2002-0670 | 1 Pingtel | 1 Xpressa | 2024-02-04 | 7.5 HIGH | N/A |
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing. | |||||
CVE-2000-0989 | 1 Intel | 1 Inbusiness Email Station | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username. | |||||
CVE-2001-0217 | 1 Mnscu Pals | 1 Webpals | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter. | |||||
CVE-2004-1835 | 1 Invision Power Services | 1 Invision Gallery | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters. | |||||
CVE-2002-1373 | 1 Oracle | 1 Mysql | 2024-02-04 | 5.0 MEDIUM | N/A |
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call. | |||||
CVE-2004-1889 | 1 Sgi | 1 Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows. | |||||
CVE-2000-0693 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2024-02-04 | 7.2 HIGH | N/A |
pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program. | |||||
CVE-2002-1589 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). | |||||
CVE-1999-0231 | 1 Seattle Lab Software | 1 Slmail | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. | |||||
CVE-2004-1711 | 1 Moodle | 1 Moodle | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. | |||||
CVE-2002-0763 | 1 Hp | 1 Virtualvault | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server. | |||||
CVE-2001-0506 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. | |||||
CVE-2003-0257 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. | |||||
CVE-2002-1852 | 1 Monkey-project | 1 Monkey | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl. | |||||
CVE-2000-0421 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. |