Total
253999 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2163 | 1 Killervault | 1 Kvpoll | 2024-02-04 | 4.0 MEDIUM | N/A |
KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php. | |||||
CVE-2003-1318 | 1 Twilight Utilities | 1 Twilight Webserver | 2024-02-04 | 7.8 HIGH | N/A |
Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376. | |||||
CVE-2003-0913 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." | |||||
CVE-1999-1561 | 1 Nullsoft | 1 Shoutcast Server | 2024-02-04 | 7.2 HIGH | N/A |
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server. | |||||
CVE-2002-0857 | 1 Oracle | 2 Database Server, Oracle8i | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. | |||||
CVE-2004-1844 | 1 Expinion.net | 1 Member Management System | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. | |||||
CVE-2000-1155 | 1 Joe Kloss | 1 Robinhood | 2024-02-04 | 5.0 MEDIUM | N/A |
RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
CVE-1999-1118 | 1 Sun | 1 Solaris | 2024-02-04 | 2.1 LOW | N/A |
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. | |||||
CVE-2002-2179 | 1 Unisys | 1 Clearpath Mcp | 2024-02-04 | 7.8 HIGH | N/A |
The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap. | |||||
CVE-2003-1076 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. | |||||
CVE-2004-1867 | 1 Web Fresh | 1 Fresh Guest Book | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field. | |||||
CVE-2003-1181 | 1 Advanced Poll | 1 Advanced Poll | 2024-02-04 | 5.0 MEDIUM | N/A |
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. | |||||
CVE-1999-0941 | 1 Mutt | 1 Mutt | 2024-02-04 | 7.5 HIGH | N/A |
Mutt mail client allows a remote attacker to execute commands via shell metacharacters. | |||||
CVE-2002-2083 | 1 Novell | 1 Netware | 2024-02-04 | 2.1 LOW | N/A |
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen. | |||||
CVE-2003-1394 | 1 Coffeecup Software | 1 Coffeecup Password Wizard | 2024-02-04 | 5.0 MEDIUM | N/A |
CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file. | |||||
CVE-2001-1380 | 1 Openbsd | 1 Openssh | 2024-02-04 | 7.5 HIGH | N/A |
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses. | |||||
CVE-2004-1679 | 1 Jigunet | 2 Twinftp Enterprise, Twinftp Standard | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (triple dot) in the (1) CWD, (2) STOR, or (3) RETR commands. | |||||
CVE-2003-1251 | 1 Nx | 1 N X Web Content Management System 2002 | 2024-02-04 | 7.5 HIGH | N/A |
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code. | |||||
CVE-2002-1020 | 1 Adobe | 1 Adobe Content Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available. | |||||
CVE-2001-1057 | 1 Wolfram Research | 1 Mathematica | 2024-02-04 | 5.0 MEDIUM | N/A |
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests. |