Total: 259032 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1604 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver. | |||||
CVE-2002-1028 | 1 Oddsock | 1 Song Requester | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments. | |||||
CVE-2003-1513 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp. | |||||
CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2024-02-04 | 7.5 HIGH | N/A |
FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | |||||
CVE-2000-0850 | 1 Netegrity | 1 Siteminder | 2024-02-04 | 7.5 HIGH | N/A |
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL. | |||||
CVE-2004-0672 | 1 Netegrity | 2 Identityminder, Policy Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allow remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype parameter. | |||||
CVE-2002-0930 | 1 Novell | 1 Netware | 2024-02-04 | 5.0 MEDIUM | N/A |
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | |||||
CVE-2004-0455 | 2 Debian, Www-sql Project | 2 Debian Linux, Www-sql | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | |||||
CVE-2000-0878 | 1 Ranson Johnson | 1 Mailto Cgi Script | 2024-02-04 | 7.5 HIGH | N/A |
The mailto CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the emailadd form field. | |||||
CVE-2002-0090 | 1 Sun | 1 Solaris | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. | |||||
CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2024-02-04 | 6.4 MEDIUM | N/A |
Listening TCP ports are sequentially allocated, allowing spoofing attacks. | |||||
CVE-2002-1019 | 1 Adobe | 1 Adobe Content Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp. | |||||
CVE-2003-1083 | 1 Tildeslash | 1 Monit | 2024-02-04 | 10.0 HIGH | N/A |
Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request. | |||||
CVE-2001-0687 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, or (2) specifying arbitrary paths in the UNC format (\\computername\sharename). | |||||
CVE-2000-0147 | 1 Sco | 1 Openserver | 2024-02-04 | 2.1 LOW | N/A |
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. | |||||
CVE-2000-0245 | 1 Sgi | 1 Irix | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. | |||||
CVE-2001-0862 | 1 Cisco | 1 12000 Router | 2024-02-04 | 7.5 HIGH | N/A |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | |||||
CVE-2002-1348 | 1 W3m | 1 W3m | 2024-02-04 | 5.0 MEDIUM | N/A |
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | |||||
CVE-2004-2074 | 1 Bolintech | 1 Dream Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands. | |||||
CVE-1999-0295 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |