Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1195 | 1 Vienuke | 1 Vieboard | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable. | |||||
CVE-2001-0685 | 1 Thibault Godouet | 1 Fcron | 2024-02-04 | 2.6 LOW | N/A |
Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file. | |||||
CVE-2001-0251 | 1 Netscape | 1 Enterprise Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | |||||
CVE-2000-0467 | 1 Sam Lantinga | 1 Splitvt | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function. | |||||
CVE-2002-1187 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. | |||||
CVE-2000-0975 | 1 Anaconda Partners | 1 Foundation Directory | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2003-0495 | 1 Ledscripts.com | 1 Lednews | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary web script via a news item. | |||||
CVE-2001-0332 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
CVE-2002-1350 | 1 Lbl | 1 Tcpdump | 2024-02-04 | 7.5 HIGH | N/A |
The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | |||||
CVE-2004-1971 | 1 Oscar Fafian | 1 Video Gallery | 2024-02-04 | 5.0 MEDIUM | N/A |
modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message. | |||||
CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
CVE-2001-0961 | 1 John E. Davis | 1 Most | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most. | |||||
CVE-2004-1296 | 1 Gnu | 1 Groff | 2024-02-04 | 2.1 LOW | N/A |
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-1999-0988 | 1 Sco | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. | |||||
CVE-2004-1121 | 1 Apple | 1 Safari | 2024-02-04 | 5.0 MEDIUM | N/A |
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags. | |||||
CVE-2004-0332 | 1 Extremail | 1 Extremail | 2024-02-04 | 10.0 HIGH | N/A |
Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges. | |||||
CVE-2004-0706 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 2.1 LOW | N/A |
Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files. | |||||
CVE-2004-1667 | 1 Gearbox Software | 1 Halo Combat Evolved | 2024-02-04 | 5.0 MEDIUM | N/A |
Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response. | |||||
CVE-2001-1473 | 1 Ssh | 1 Ssh | 2024-02-04 | 7.5 HIGH | N/A |
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target. | |||||
CVE-2001-0941 | 1 Oracle | 1 Database Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable. |