Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0344 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 7.2 HIGH | N/A |
An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account. | |||||
CVE-1999-0377 | 1 Unix | 1 Unix | 2024-02-04 | 5.0 MEDIUM | N/A |
Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services. | |||||
CVE-2001-0909 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. | |||||
CVE-1999-0086 | 1 Ibm | 1 Aix | 2024-02-04 | 5.0 MEDIUM | N/A |
AIX routed allows remote users to modify sensitive files. | |||||
CVE-2004-0302 | 1 Fools Workshop | 1 Owls Workshop | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter in index.php, (2) editfile in glossary.php, or (3) editfile in newmultiplechoice.php. | |||||
CVE-2003-0881 | 1 Apple | 1 Mac Os X | 2024-02-04 | 7.5 HIGH | N/A |
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | |||||
CVE-2001-1360 | 1 Mostang | 1 Sane | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | |||||
CVE-2002-1801 | 1 Bizdesign | 1 Imagefolio | 2024-02-04 | 5.0 MEDIUM | N/A |
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message. | |||||
CVE-2004-1736 | 1 The Cacti Group | 1 Cacti | 2024-02-04 | 5.0 MEDIUM | N/A |
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message. | |||||
CVE-2002-0503 | 1 Citrix | 1 Nfuse | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter. | |||||
CVE-2001-0892 | 1 Acme | 1 Thttpd | 2024-02-04 | 5.0 MEDIUM | N/A |
Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /. | |||||
CVE-2001-0693 | 1 Webtrends | 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). | |||||
CVE-2004-0515 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." | |||||
CVE-2002-1545 | 1 Cooolsoft | 1 Personal Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response. | |||||
CVE-2000-1004 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters. | |||||
CVE-2001-0095 | 1 Sun | 1 Sunos | 2024-02-04 | 1.2 LOW | N/A |
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. | |||||
CVE-2000-0098 | 1 Microsoft | 1 Index Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist. | |||||
CVE-2003-0224 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun." | |||||
CVE-2004-0205 | 2 Avaya, Microsoft | 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function. | |||||
CVE-2001-1173 | 1 Masqmail | 1 Masqmail | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases. |