Total
253967 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0626 | 1 Peoplesoft | 1 Peopletools | 2024-02-04 | 5.0 MEDIUM | N/A |
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. | |||||
CVE-2002-0581 | 1 Workforceroi | 1 Xpede | 2024-02-04 | 7.5 HIGH | N/A |
WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | |||||
CVE-2003-1331 | 1 Oracle | 1 Mysql | 2024-02-04 | 4.0 MEDIUM | N/A |
Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453. | |||||
CVE-2003-1433 | 1 Epic Games | 1 Unreal Engine | 2024-02-04 | 4.3 MEDIUM | N/A |
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times. | |||||
CVE-2001-0759 | 1 Jetico | 1 Bestcrypt | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount. | |||||
CVE-1999-0943 | 1 Openlink | 1 Openlink | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator. | |||||
CVE-2002-1984 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046". | |||||
CVE-1999-0779 | 1 Hp | 1 Hp-ux | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in HP-UX SharedX recserv program. | |||||
CVE-2004-0663 | 1 Powerportal | 1 Powerportal | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files parameter to the gallery module. | |||||
CVE-2003-0454 | 1 Joe Rumsey | 1 Xgalaga | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable. | |||||
CVE-1999-0311 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
fpkg2swpk in HP-UX allows local users to gain root access. | |||||
CVE-2004-2047 | 1 Easyweb | 1 Easyweb Filemanager | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter. | |||||
CVE-2003-1539 | 1 Onedotoh | 1 Simple File Manager | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. | |||||
CVE-1999-1009 | 1 Disney | 1 Go Express Search | 2024-02-04 | 2.6 LOW | N/A |
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | |||||
CVE-2001-0975 | 1 Oracle | 1 Internet Directory | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2002-0464 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp. | |||||
CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | |||||
CVE-2001-0839 | 1 Ibill Internet Billing Company | 1 Processing Plus | 2024-02-04 | 7.5 HIGH | N/A |
ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing. | |||||
CVE-2002-1378 | 1 Openldap | 1 Openldap | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | |||||
CVE-2003-1196 | 1 Vienuke | 1 Vieboard | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. |