Total
253959 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0832 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. | |||||
CVE-2004-1499 | 1 Webhost Automation | 1 Helm Control Panel | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field. | |||||
CVE-2000-0190 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. | |||||
CVE-2003-1395 | 1 Kazaa | 1 Kazaa Media Desktop | 2024-02-04 | 9.0 HIGH | N/A |
Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. | |||||
CVE-2001-0039 | 1 Ipswitch | 1 Imail | 2024-02-04 | 5.0 MEDIUM | N/A |
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. | |||||
CVE-1999-0802 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.6 HIGH | N/A |
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon. | |||||
CVE-2004-2113 | 1 Herberlin | 1 Bremsserver | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
CVE-2001-1003 | 1 Webct | 1 Respondus | 2024-02-04 | 4.6 MEDIUM | N/A |
Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges. | |||||
CVE-1999-0340 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Linux Slackware crond program allows local users to gain root access. | |||||
CVE-2002-1334 | 1 Bizdesign | 1 Imagefolio | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi. | |||||
CVE-2003-1075 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. | |||||
CVE-2002-1511 | 2 Att, Tightvnc | 2 Vnc, Tightvnc | 2024-02-04 | 5.0 MEDIUM | N/A |
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | |||||
CVE-2000-1105 | 1 Microsoft | 1 Indexing Service | 2024-02-04 | 4.3 MEDIUM | N/A |
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. | |||||
CVE-2000-0677 | 1 Ibm | 1 Net.data | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable. | |||||
CVE-1999-0532 | 2024-02-04 | N/A | N/A | ||
A DNS server allows zone transfers. | |||||
CVE-2004-1591 | 1 Micronet | 1 Sp916bm | 2024-02-04 | 7.5 HIGH | N/A |
The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2004 resets the password to the default password when the router is shut off, which could allow remote attackers to gain access. | |||||
CVE-1999-0613 | 2024-02-04 | N/A | N/A | ||
The rpc.sprayd service is running. | |||||
CVE-2002-2233 | 1 Mollensoft Software | 1 Enceladus Server Suite | 2024-02-04 | 8.3 HIGH | N/A |
Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..". | |||||
CVE-2003-0044 | 1 Apache | 1 Tomcat | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML. | |||||
CVE-2004-1868 | 1 Esignal | 1 Esignal | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a long STREAMQUOTE tag. |