Total: 254030 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0752 | 1 Attila-php.net | 1 Attilaphp | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter. | |||||
CVE-2004-0955 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0599. Reason: This candidate is a reservation duplicate of CVE-2004-0599 (the first item listed in that candidate). Notes: All CVE users should reference CVE-2004-0599 instead of this candidate. All references and descriptions have been removed from this candidate to prevent accidental usage. | |||||
CVE-2003-0623 | 1 Bea | 2 Tuxedo, Weblogic Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. | |||||
CVE-2004-1952 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password. | |||||
CVE-2002-0529 | 1 Hp | 1 Photosmart Print Driver | 2024-02-04 | 6.2 MEDIUM | N/A |
HP Photosmart printer driver for Mac OS X installs the hp_imaging_connectivity program and the hp_imaging_connectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hp_imaging_connectivity with a Trojan horse. | |||||
CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | |||||
CVE-2002-1577 | 1 Sap | 1 Sap R 3 | 2024-02-04 | 7.5 HIGH | N/A |
SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts. | |||||
CVE-2003-0699 | 1 Redhat | 2 Enterprise Linux, Linux Advanced Workstation | 2024-02-04 | 7.5 HIGH | N/A |
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | |||||
CVE-2002-0330 | 1 Openbb | 1 Openbb | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag. | |||||
CVE-1999-0107 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. | |||||
CVE-2002-0087 | 1 Lotus | 1 Domino | 2024-02-04 | 2.1 LOW | N/A |
bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | |||||
CVE-2001-1237 | 1 Peaceworks Computer Consulting | 1 Phormation | 2024-02-04 | 7.5 HIGH | N/A |
Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. | |||||
CVE-2000-0499 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
CVE-2001-0464 | 1 Crosswind | 1 Cyberscheduler | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | |||||
CVE-2004-0593 | 1 Sygate Technologies | 2 Enforcer, Secure Enterprise | 2024-02-04 | 7.5 HIGH | N/A |
Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules. | |||||
CVE-2004-0080 | 1 Andries Brouwer | 1 Util-linux | 2024-02-04 | 5.0 MEDIUM | N/A |
The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data. | |||||
CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
A system does not present an appropriate legal message or warning to a user who is accessing it. | |||||
CVE-2002-2002 | 1 Compaq | 1 Tru64 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | |||||
CVE-2002-1661 | 1 Leafnode | 1 Leafnode | 2024-02-04 | 5.0 MEDIUM | N/A |
The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group. | |||||
CVE-1999-1492 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. |