Total
254012 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2060 | 1 Twibright Labs | 1 Links | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. | |||||
CVE-2004-1991 | 1 Aldostools | 1 Aldo\'s Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. (dot dot) in an HTTP GET request. | |||||
CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | |||||
CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||
CVE-1999-0972 | 1 Wolfpack Development | 1 Xshipwars | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Xshipwars xsw program. | |||||
CVE-1999-1150 | 1 Livingston Portmaster | 1 Portmaster | 2024-02-04 | 7.5 HIGH | N/A |
Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions. | |||||
CVE-2002-1864 | 1 Sws | 1 Sws Simple Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request. | |||||
CVE-2004-0973 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0457. Reason: This candidate is a reservation duplicate of CVE-2004-0457. Notes: All CVE users should reference CVE-2004-0457 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2002-0065 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2024-02-04 | 7.2 HIGH | N/A |
Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. | |||||
CVE-2003-0474 | 1 Ashley Brown | 1 Iweb Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in iWeb Server allows remote attackers to read arbitrary files via an HTTP request containing .. sequences, a different vulnerability than CVE-2003-0475. | |||||
CVE-1999-1311 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges. | |||||
CVE-2003-0651 | 1 Mod Mylo | 1 Mod Mylo | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-1999-0801 | 1 Bmc | 1 Patrol Agent | 2024-02-04 | 10.0 HIGH | N/A |
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames. | |||||
CVE-1999-1125 | 1 Oracle | 1 Http Server | 2024-02-04 | 10.0 HIGH | N/A |
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. | |||||
CVE-2002-1592 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. | |||||
CVE-2000-0169 | 1 Oracle | 1 Application Server | 2024-02-04 | 7.5 HIGH | N/A |
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'. | |||||
CVE-2000-0905 | 1 Qnx | 1 Voyager | 2024-02-04 | 5.0 MEDIUM | N/A |
QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page. | |||||
CVE-2004-2036 | 1 Jportal | 1 Jportal Web Portal | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter. | |||||
CVE-2004-1416 | 2 Microsoft, Realnetworks | 2 Internet Explorer, Realone Player | 2024-02-04 | 5.1 MEDIUM | N/A |
pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | |||||
CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2024-02-04 | 2.6 LOW | N/A |
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. |