Vulnerabilities (CVE)

Total 259224 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0516 1 Oracle 2 Oracle8i, Oracle9i 2024-02-04 5.0 MEDIUM N/A
Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data.
CVE-2002-1226 1 Kth 1 Heimdal 2024-02-04 10.0 HIGH N/A
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
CVE-2003-0626 1 Peoplesoft 1 Peopletools 2024-02-04 5.0 MEDIUM N/A
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.
CVE-2002-0581 1 Workforceroi 1 Xpede 2024-02-04 7.5 HIGH N/A
WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.
CVE-2003-1331 1 Oracle 1 Mysql 2024-02-04 4.0 MEDIUM N/A
Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
CVE-2003-1433 1 Epic Games 1 Unreal Engine 2024-02-04 4.3 MEDIUM N/A
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.
CVE-2001-0759 1 Jetico 1 Bestcrypt 2024-02-04 7.2 HIGH N/A
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.
CVE-1999-0943 1 Openlink 1 Openlink 2024-02-04 10.0 HIGH N/A
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.
CVE-2002-1984 1 Microsoft 1 Internet Explorer 2024-02-04 5.0 MEDIUM N/A
Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046".
CVE-1999-0779 1 Hp 1 Hp-ux 2024-02-04 5.0 MEDIUM N/A
Denial of service in HP-UX SharedX recserv program.
CVE-2004-0663 1 Powerportal 1 Powerportal 2024-02-04 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content modules; and (3) files parameter to the gallery module.
CVE-2003-0454 1 Joe Rumsey 1 Xgalaga 2024-02-04 7.2 HIGH N/A
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
CVE-1999-0311 1 Hp 1 Hp-ux 2024-02-04 7.2 HIGH N/A
fpkg2swpk in HP-UX allows local users to gain root access.
CVE-2004-2047 1 Easyweb 1 Easyweb Filemanager 2024-02-04 5.0 MEDIUM N/A
Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter.
CVE-2003-1539 1 Onedotoh 1 Simple File Manager 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.
CVE-1999-1009 1 Disney 1 Go Express Search 2024-02-04 2.6 LOW N/A
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
CVE-2001-0975 1 Oracle 1 Internet Directory 2024-02-04 7.5 HIGH N/A
Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2002-0464 1 Hosting Controller 1 Hosting Controller 2024-02-04 6.4 MEDIUM N/A
Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp.
CVE-2004-2229 1 Oracle 1 Database Server Lite 2024-02-04 4.6 MEDIUM N/A
Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges.
CVE-2001-0839 1 Ibill Internet Billing Company 1 Processing Plus 2024-02-04 7.5 HIGH N/A
ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing.