Total
253921 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0967 | 1 Php | 1 Php | 2024-02-04 | 10.0 HIGH | N/A |
| PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | |||||
| CVE-1999-0302 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. | |||||
| CVE-2001-1134 | 1 Xerox | 1 Docuprint N40 | 2024-02-04 | 5.0 MEDIUM | N/A |
| Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm. | |||||
| CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2024-02-04 | 6.4 MEDIUM | N/A |
| tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | |||||
| CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2024-02-04 | 10.0 HIGH | N/A |
| FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | |||||
| CVE-2001-0041 | 1 Cisco | 1 Catos | 2024-02-04 | 7.8 HIGH | N/A |
| Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | |||||
| CVE-2003-0692 | 1 Kde | 1 Kde | 2024-02-04 | 7.5 HIGH | N/A |
| KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | |||||
| CVE-2004-0465 | 1 Openconnect | 1 Webconnect | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter. | |||||
| CVE-2004-0727 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | |||||
| CVE-2002-1197 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
| bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail. | |||||
| CVE-2002-1430 | 1 Synthetic Reality | 1 Sympoll | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters. | |||||
| CVE-1999-0272 | 1 Slmail | 1 Slmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in Slmail v2.5 through the POP3 port. | |||||
| CVE-2001-0518 | 1 Oracle | 1 Oracle9i | 2024-02-04 | 5.0 MEDIUM | N/A |
| Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang. | |||||
| CVE-2004-0592 | 1 Suse | 1 Suse Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626. | |||||
| CVE-2003-0332 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 7.6 HIGH | N/A |
| The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension. | |||||
| CVE-2004-0534 | 1 Businessobjects | 2 Infoview, Webintelligence | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document. | |||||
| CVE-1999-1250 | 1 Blue World Communications | 1 Lasso Cgi | 2024-02-04 | 5.0 MEDIUM | N/A |
| Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. | |||||
| CVE-2001-1040 | 1 Hp | 1 Jetadmin | 2024-02-04 | 6.4 MEDIUM | N/A |
| HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password. | |||||
| CVE-2001-0979 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument. | |||||
| CVE-2000-0533 | 1 Sgi | 1 Workshop Debugger And Performance Tools | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files. | |||||