Total
256654 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1484 | 1 Microsoft | 1 Ie | 2024-02-04 | 4.3 MEDIUM | N/A |
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. | |||||
CVE-2001-0448 | 1 Software602 | 1 602pro Lan Suite | 2024-02-04 | 5.0 MEDIUM | N/A |
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service via an HTTP GET HTTP request to the aux directory, and possibly other directories with legacy DOS device names. | |||||
CVE-2000-0492 | 1 Passwd | 1 Passwd | 2024-02-04 | 5.0 MEDIUM | N/A |
PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords. | |||||
CVE-2003-0930 | 1 Clearswift | 1 Mailsweeper | 2024-02-04 | 7.5 HIGH | N/A |
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. | |||||
CVE-2001-0452 | 1 Brs | 1 Webweaver | 2024-02-04 | 5.0 MEDIUM | N/A |
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | |||||
CVE-2000-1145 | 1 Recourse Technologies | 1 Mantrap | 2024-02-04 | 4.6 MEDIUM | N/A |
Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files. | |||||
CVE-2002-0877 | 1 Evolvable Corporation | 1 Shambala Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands. | |||||
CVE-2001-0056 | 1 Cisco | 1 Broadband Operating System | 2024-02-04 | 7.5 HIGH | N/A |
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | |||||
CVE-2001-1440 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system. | |||||
CVE-2001-0088 | 1 Jason Hines | 1 Phpweblog | 2024-02-04 | 7.5 HIGH | N/A |
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. | |||||
CVE-2001-0875 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | |||||
CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2024-02-04 | 7.5 HIGH | N/A |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
CVE-2004-0723 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-04 | 6.4 MEDIUM | N/A |
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | |||||
CVE-2003-1250 | 1 Efficient Networks | 1 5861 Dsl Router | 2024-02-04 | 5.0 MEDIUM | N/A |
Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | |||||
CVE-2002-1285 | 1 Suse | 1 Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. | |||||
CVE-2003-0611 | 1 Xtokkaetama | 1 Xtokkaetama | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. | |||||
CVE-2004-1651 | 1 Brickhost | 1 Phpscheduleit | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the Schedule Name field. | |||||
CVE-2002-1082 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 5.0 MEDIUM | N/A |
The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded. | |||||
CVE-2000-0963 | 4 Freebsd, Gnu, Immunix and 1 more | 4 Freebsd, Ncurses, Immunix and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | |||||
CVE-2001-0836 | 1 Oracle | 1 Application Server Web Cache | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. |