Total
256628 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0768 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 2.6 LOW | N/A |
| A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
| CVE-2003-1476 | 1 Cerberus | 1 Ftp Server | 2024-02-04 | 2.1 LOW | N/A |
| Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. | |||||
| CVE-2002-1483 | 1 Db4web | 1 Db4web | 2024-02-04 | 5.0 MEDIUM | N/A |
| db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot). | |||||
| CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2024-02-04 | 5.0 MEDIUM | N/A |
| Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | |||||
| CVE-2002-1336 | 1 Tightvnc | 1 Tightvnc | 2024-02-04 | 7.5 HIGH | N/A |
| TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | |||||
| CVE-2002-0885 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error. | |||||
| CVE-2002-1257 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
| Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | |||||
| CVE-2003-0095 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. | |||||
| CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | |||||
| CVE-2001-1343 | 1 Cgicentral | 2 Webstore 400, Webstore 400cs | 2024-02-04 | 7.5 HIGH | N/A |
| ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter. | |||||
| CVE-1999-0198 | 2024-02-04 | 10.0 HIGH | N/A | ||
| finger .@host on some systems may print information on some user accounts. | |||||
| CVE-2002-0887 | 1 Caldera | 1 Openserver | 2024-02-04 | 2.1 LOW | N/A |
| scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files. | |||||
| CVE-2002-0296 | 1 Tarantella | 1 Tarantella Enterprise | 2024-02-04 | 1.2 LOW | N/A |
| The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file. | |||||
| CVE-2001-0253 | 1 Iweb Systems | 1 Hyperseek | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter. | |||||
| CVE-2002-1700 | 2 Macromedia, Microsoft | 3 Coldfusion, Internet Information Services, Windows 2000 | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message. | |||||
| CVE-1999-0570 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
| Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. | |||||
| CVE-1999-1015 | 1 Apple | 1 Appleshare Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
| CVE-2004-0429 | 1 Apple | 1 Mac Os X | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. | |||||
| CVE-2003-0217 | 1 Neoteris | 1 Instant Virtual Extranet | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI script. | |||||
| CVE-2003-1401 | 1 Php Board | 1 Php Board | 2024-02-04 | 5.8 MEDIUM | N/A |
| login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request. | |||||