Total: 258992 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1593 | 1 Sct Corporation | 1 Campus Pipeline | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter. | |||||
CVE-2001-1101 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 6.4 MEDIUM | N/A |
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2002-2337 | 1 Kaspersky Lab | 1 Kaspersky Anti-hacker | 2024-02-04 | 5.0 MEDIUM | N/A |
Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
CVE-2003-1127 | 1 Whale Communications | 1 E-gap | 2024-02-04 | 5.0 MEDIUM | N/A |
Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. | |||||
CVE-2003-1537 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | |||||
CVE-1999-1393 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. | |||||
CVE-2001-0648 | 1 Phprojekt | 1 Phprojekt | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PHProjekt 2.1 and earlier allows a remote attacker to conduct unauthorized activities via a dot dot (..) attack on the file module. | |||||
CVE-2001-0487 | 1 Ibm | 1 Aix Snmp | 2024-02-04 | 5.0 MEDIUM | N/A |
AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. | |||||
CVE-1999-0082 | 2 Ftp, Ftpcd | 2 Ftp, Ftpcd | 2024-02-04 | 10.0 HIGH | N/A |
CWD ~root command in ftpd allows root access. | |||||
CVE-1999-0911 | 1 Proftpd Project | 1 Proftpd | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | |||||
CVE-2002-2184 | 1 Digi-net Technologies | 1 Digichat | 2024-02-04 | 5.0 MEDIUM | N/A |
Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet. | |||||
CVE-2002-2399 | 1 Cascadesoft | 1 W3mail | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-2004-1969 | 1 Openbb | 1 Openbb | 2024-02-04 | 7.5 HIGH | N/A |
The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to execute arbitrary script by uploading files that include scripting code such as Javascript. | |||||
CVE-2000-0368 | 1 Cisco | 1 Ios | 2024-02-04 | 2.1 LOW | N/A |
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. | |||||
CVE-2000-0330 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-04 | 7.6 HIGH | N/A |
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability. | |||||
CVE-2004-0547 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash). | |||||
CVE-2003-0640 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 10.0 HIGH | N/A |
BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges. | |||||
CVE-1999-1585 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. | |||||
CVE-2004-0958 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. | |||||
CVE-2001-1521 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 2.6 LOW | N/A |
Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter. | |||||