Total
253977 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0107 | 1 Symantec Veritas | 1 Backup | 2024-02-04 | 5.0 MEDIUM | N/A |
| Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang. | |||||
| CVE-2002-2362 | 1 Sourceforge | 1 Mymarket | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. | |||||
| CVE-2001-1032 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
| admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy. | |||||
| CVE-2001-0717 | 1 Tooltalk | 1 Tooltalk Database Server | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function. | |||||
| CVE-2003-0812 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API. | |||||
| CVE-2002-0546 | 1 Nullsoft | 1 Winamp | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | |||||
| CVE-1999-0740 | 1 Redhat | 1 Linux | 2024-02-04 | 6.4 MEDIUM | N/A |
| Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. | |||||
| CVE-2004-1877 | 1 Oracle | 2 Application Server, Http Server | 2024-02-04 | 2.6 LOW | N/A |
| The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password. | |||||
| CVE-2003-1439 | 1 Silc | 1 Secure Internet Live Conferencing | 2024-02-04 | 4.3 MEDIUM | N/A |
| Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. | |||||
| CVE-2003-0722 | 1 Sun | 1 Solaris | 2024-02-04 | 10.0 HIGH | N/A |
| The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets. | |||||
| CVE-2004-1726 | 1 John Bradley | 1 Xv | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. | |||||
| CVE-2003-0375 | 1 Xmb Forum | 1 Xmb | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter. | |||||
| CVE-2004-1552 | 1 Full Revolution | 1 Aspwebcalendar | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp. | |||||
| CVE-2003-0404 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. | |||||
| CVE-2003-0264 | 1 Seattle Lab Software | 1 Slmail | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. | |||||
| CVE-2004-2239 | 1 Inter7 | 1 Vpopmail \(vchkpw\) | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2004-0826 | 4 Hp, Mozilla, Netscape and 1 more | 10 Hp-ux, Network Security Services, Certificate Server and 7 more | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | |||||
| CVE-2001-0369 | 1 Digital | 1 Unix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name). | |||||
| CVE-2002-1228 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | |||||
| CVE-2001-0870 | 2 Alchemy Lab, Dek Software | 2 Alchemy Eye, Alchemy Network Monitor | 2024-02-04 | 5.0 MEDIUM | N/A |
| HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file. | |||||