Total
253942 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0476 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. | |||||
CVE-2002-1986 | 1 Perception | 1 Liteserve | 2024-02-04 | 5.0 MEDIUM | N/A |
Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot ("."). | |||||
CVE-2004-1628 | 1 Pizzashack | 1 Rssh | 2024-02-04 | 9.0 HIGH | N/A |
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code. | |||||
CVE-2002-2272 | 1 Apache | 2 Http Server, Tomcat | 2024-02-04 | 7.8 HIGH | N/A |
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. | |||||
CVE-1999-0926 | 1 Apache | 1 Http Server | 2024-02-04 | 10.0 HIGH | N/A |
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. | |||||
CVE-2002-2348 | 1 Authoria | 1 Authoria | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. | |||||
CVE-2002-0364 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise." | |||||
CVE-2002-1944 | 1 Motorola | 1 Surfboard | 2024-02-04 | 5.0 MEDIUM | N/A |
Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap. | |||||
CVE-2004-1911 | 1 Azerbaijan Development Group | 1 Azdgdating | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php. | |||||
CVE-2000-0545 | 1 Sgi | 1 Mailx | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter. | |||||
CVE-2003-1496 | 1 Hp | 1 Tru64 | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840. | |||||
CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2024-02-04 | 4.6 MEDIUM | N/A |
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | |||||
CVE-2002-1234 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0180. Reason: This candidate is a an out-of-band assignment duplicate of CVE-2002-0180. Notes: All CVE users should reference CVE-2002-0180 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2003-1026 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability." | |||||
CVE-2002-1627 | 1 Mike Spice | 1 Quiz Me | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the quiz parameter. | |||||
CVE-2001-0944 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-04 | 7.2 HIGH | N/A |
DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process. | |||||
CVE-2004-0043 | 1 Yahoo | 1 Messenger | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. | |||||
CVE-1999-0601 | 2024-02-04 | 10.0 HIGH | N/A | ||
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets. | |||||
CVE-1999-0641 | 2024-02-04 | N/A | N/A | ||
The UUCP service is running. | |||||
CVE-2003-0488 | 1 Kerio | 1 Kerio Mailserver | 2024-02-04 | 5.1 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. |