Total
253930 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1727 | 1 Asksam Systems | 1 Asksam Web Publisher | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL. | |||||
CVE-2003-1253 | 1 Sangwan Kim | 1 Bookmark4u | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php. | |||||
CVE-1999-0285 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | |||||
CVE-1999-0375 | 1 Network Flight Recorder | 1 Network Flight Recorder | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. | |||||
CVE-2004-1666 | 1 Cerulean Studios | 1 Trillian | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character. | |||||
CVE-2003-1175 | 1 Synthetic Reality | 1 Sympoll | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. | |||||
CVE-2004-1630 | 1 Openwfe | 1 Work Flow Engine | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter. | |||||
CVE-1999-1338 | 1 Delegate | 1 Delegate | 2024-02-04 | 5.0 MEDIUM | N/A |
Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions. | |||||
CVE-2002-2161 | 1 Kerio | 1 Personal Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. | |||||
CVE-2000-0408 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability. | |||||
CVE-2002-1182 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. | |||||
CVE-2003-0883 | 1 Apple | 1 Mac Os X | 2024-02-04 | 4.6 MEDIUM | N/A |
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system. | |||||
CVE-2000-0246 | 1 Microsoft | 6 Commercial Internet System, Internet Information Server, Internet Information Services and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. | |||||
CVE-2004-1930 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie. | |||||
CVE-2001-0050 | 1 Colten Edwards | 1 Bitchx | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name. | |||||
CVE-2003-1352 | 1 Gabber | 1 Gabber | 2024-02-04 | 5.0 MEDIUM | N/A |
Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. | |||||
CVE-2003-0924 | 1 Netpbm | 1 Netpbm | 2024-02-04 | 3.7 LOW | N/A |
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | |||||
CVE-2002-1803 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-2003-1355 | 1 Electronic Arts | 1 Battlefield 1942 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password. | |||||
CVE-2002-1014 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image. |