Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0418 | 1 Endymion | 1 Sake Mail | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter. | |||||
CVE-2004-0319 | 1 Ezboard | 1 Ezboard | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument. | |||||
CVE-2004-1963 | 1 Freshmeat | 1 Network Query Tool | 2024-02-04 | 5.0 MEDIUM | N/A |
nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obtain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | |||||
CVE-1999-1558 | 1 Digital | 2 Digital Openvms, Digital Openvms Axp | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled. | |||||
CVE-2001-1451 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. | |||||
CVE-2002-2323 | 1 Sun | 1 Solaris Pc Netlink | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. | |||||
CVE-1999-1400 | 1 The Economist | 1 The Economist 1999 Screen Saver | 2024-02-04 | 2.1 LOW | N/A |
The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked. | |||||
CVE-1999-0893 | 1 Sco | 1 Openserver | 2024-02-04 | 2.1 LOW | N/A |
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. | |||||
CVE-2004-1601 | 1 Coolphp | 1 Coolphp Web Portal | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to access arbitrary files and execute local PHP scripts via a .. (dot dot) in the op parameter. | |||||
CVE-2000-0219 | 1 Redhat | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt. | |||||
CVE-2002-1843 | 1 Perlbot | 1 Perlbot | 2024-02-04 | 7.5 HIGH | N/A |
Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | |||||
CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
CVE-2002-1591 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 7.5 HIGH | N/A |
AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restrictions. | |||||
CVE-2003-1428 | 2 Bharat Mediratta, Linux | 2 Gallery, Linux Kernel | 2024-02-04 | 4.8 MEDIUM | N/A |
Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. | |||||
CVE-2001-1174 | 1 Elm Development Group | 1 Elm | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header. | |||||
CVE-1999-0629 | 2024-02-04 | N/A | N/A | ||
The ident/identd service is running. | |||||
CVE-2004-1741 | 1 Music Daemon | 1 Music Daemon | 2024-02-04 | 5.0 MEDIUM | N/A |
Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST. | |||||
CVE-2002-1455 | 1 Omnicron | 1 Omnihttpd | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe. | |||||
CVE-2003-0828 | 1 Gus And Psilord | 1 Freesweep | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables. | |||||
CVE-2000-0765 | 1 Microsoft | 3 Excel, Powerpoint, Word | 2024-02-04 | 5.1 MEDIUM | N/A |
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability. |