Total: 254006 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2286 | 1 Apt-www-proxy | 1 Apt-www-proxy | 2024-02-04 | 5.0 MEDIUM | N/A |
The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference. | |||||
CVE-2003-0303 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2024-02-04 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. | |||||
CVE-2004-1355 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | |||||
CVE-2000-0334 | 1 Allaire | 1 Spectra | 2024-02-04 | 2.1 LOW | N/A |
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. | |||||
CVE-2002-1543 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. | |||||
CVE-2001-0869 | 3 Caldera, Redhat, Suse | 5 Openlinux Eserver, Openlinux Workstation, Linux and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | |||||
CVE-2003-0157 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0138. Reason: This candidate is a reservation duplicate of CVE-2003-0138 due to incomplete coordination. Notes: All CVE users should reference CVE-2003-0138 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-1999-0625 | | | 2024-02-04 | N/A | N/A |
The rpc.rquotad service is running. | |||||
CVE-2003-1197 | 1 Ledscripts.com | 1 Ledforums | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread. | |||||
CVE-2001-0858 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges. | |||||
CVE-1999-0932 | 1 Mediahouse Software | 1 Statistics Server | 2024-02-04 | 7.2 HIGH | N/A |
Mediahouse Statistics Server allows remote attackers to read the administrator password, which is stored in cleartext in the ss.cfg file. | |||||
CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | |||||
CVE-2002-1829 | 1 Openbb | 1 Openbb | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag. | |||||
CVE-2003-1238 | 1 Nuked-klan | 1 Nuked-klan | 2024-02-04 | 5.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. | |||||
CVE-2004-2220 | 1 F-secure | 1 F-secure Anti-virus | 2024-02-04 | 5.0 MEDIUM | N/A |
F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | |||||
CVE-2000-0891 | 1 Ibm | 1 Lotus Notes | 2024-02-04 | 7.5 HIGH | N/A |
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | |||||
CVE-2002-1252 | 1 Peoplesoft | 1 Peopletools | 2024-02-04 | 5.0 MEDIUM | N/A |
The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler. | |||||
CVE-2004-1645 | 1 Jerod Moemeka | 1 Xedus | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x. | |||||
CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2024-02-04 | 10.0 HIGH | N/A |
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. | |||||
CVE-2001-1107 | 1 Snapstream | 1 Pvs | 2024-02-04 | 5.0 MEDIUM | N/A |
SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. |