Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2059 | 1 Xlinesoft | 1 Asprunner | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp. | |||||
CVE-2004-0753 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2024-02-04 | 5.0 MEDIUM | N/A |
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2024-02-04 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0474 | 2 Brian Paul, Mandrakesoft | 2 Mesa, Mandrake Linux | 2024-02-04 | 2.1 LOW | N/A |
Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file. | |||||
CVE-2004-2212 | 1 Alivesites | 1 Alivesites Forum | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | |||||
CVE-2002-0181 | 1 Horde | 2 Horde, Imp | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter. | |||||
CVE-2002-1625 | 1 Macromedia | 1 Flash Player | 2024-02-04 | 5.0 MEDIUM | N/A |
Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed. | |||||
CVE-2004-0647 | 1 Shorewall | 1 Shorewall | 2024-02-04 | 4.6 MEDIUM | N/A |
shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file. | |||||
CVE-1999-1554 | 1 Sgi | 1 Irix | 2024-02-04 | 2.1 LOW | N/A |
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users. | |||||
CVE-2004-2180 | 1 Wowbb | 1 Wowbb Web Forum | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php. | |||||
CVE-2004-0415 | 3 Linux, Redhat, Trustix | 3 Linux Kernel, Fedora Core, Secure Linux | 2024-02-04 | 2.1 LOW | N/A |
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | |||||
CVE-1999-0548 | | | 2024-02-04 | 10.0 HIGH | N/A |
A superfluous NFS server is running, but it is not importing or exporting any file systems. | |||||
CVE-2002-0592 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 7.5 HIGH | N/A |
AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user. | |||||
CVE-2000-0833 | 1 Jack De Winter | 1 Winsmtp | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command. | |||||
CVE-2003-1529 | 1 Seagull Software Systems | 1 J Walk Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL. | |||||
CVE-2003-0756 | 1 Sitebuilder | 1 Sitebuilder | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter. | |||||
CVE-1999-0627 | 1 Ibm | 1 Aix | 2024-02-04 | N/A | N/A |
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | |||||
CVE-2001-0712 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc. | |||||
CVE-2002-0760 | 1 Bzip | 1 Bzip2 | 2024-02-04 | 1.2 LOW | N/A |
Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed. | |||||
CVE-2004-0817 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2024-02-04 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. |