Total
259190 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2142 | 1 Jorg Schilling | 1 Sdd | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability in the remote tape support (remote.c) in the RMT client for Jorg Schilling sdd 1.28 and 1.31 has unknown impact and attack vectors. | |||||
| CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | |||||
| CVE-1999-1306 | 1 Cisco | 1 Ios | 2024-02-04 | 7.5 HIGH | N/A |
| Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | |||||
| CVE-1999-1084 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | |||||
| CVE-2002-0148 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. | |||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | |||||
| CVE-2004-1849 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html. | |||||
| CVE-2002-0225 | 1 Cisco | 1 Tacacs\+ | 2024-02-04 | 4.6 MEDIUM | N/A |
| tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files. | |||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | |||||
| CVE-1999-1461 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program. | |||||
| CVE-2003-1337 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2004-0154 | 1 Nfs | 1 Nfs-utils | 2024-02-04 | 5.0 MEDIUM | N/A |
| rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name. | |||||
| CVE-2004-1497 | 1 Minihttpserver.net | 1 Web Forums Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. | |||||
| CVE-2004-1872 | 1 Webct | 1 Webct | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag. | |||||
| CVE-2004-0872 | 1 Opera | 1 Opera Browser | 2024-02-04 | 5.0 MEDIUM | N/A |
| Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||
| CVE-2004-1649 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future. | |||||
| CVE-2001-0726 | 1 Microsoft | 1 Exchange Server | 2024-02-04 | 7.5 HIGH | N/A |
| Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message. | |||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
| CVE-2002-1050 | 1 Hylafax | 1 Hylafax | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data. | |||||
| CVE-2003-1100 | 1 Hummingbird | 1 Cyberdocs | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors. | |||||