Vulnerabilities (CVE)

Total 258805 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1330 2 Debian, Redhat 2 Debian Linux, Linux 2024-02-04 4.6 MEDIUM N/A
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
CVE-2001-0028 1 Igor Khasilev 1 Oops Proxy Server 2024-02-04 10.0 HIGH N/A
Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.
CVE-2003-1459 1 Ttcms 2 Ttcms, Ttforum 2024-02-04 6.8 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php.
CVE-2003-0235 1 Mirabilis 1 Icq 2024-02-04 7.5 HIGH N/A
Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.
CVE-1999-1387 1 Microsoft 1 Windows Nt 2024-02-04 5.0 MEDIUM N/A
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25.
CVE-2004-1528 1 Rob Sutton 1 Php-nuke Event Calendar 2024-02-04 5.0 MEDIUM N/A
The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php, (2) index.php, or (3) submit.php, which reveal the full path in an error message.
CVE-2003-1526 1 Francisco Burzi 1 Php-nuke 2024-02-04 5.0 MEDIUM N/A
PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message.
CVE-1999-0196 1 Webgais Development Team 1 Webgais 2024-02-04 5.0 MEDIUM N/A
websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable).
CVE-2000-1127 1 Hp 1 Hp-ux 2024-02-04 3.6 LOW N/A
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
CVE-2002-0801 1 Macromedia 1 Jrun 2024-02-04 10.0 HIGH N/A
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.
CVE-1999-1363 1 Microsoft 1 Windows Nt 2024-02-04 2.1 LOW N/A
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
CVE-2002-1198 1 Mozilla 1 Bugzilla 2024-02-04 7.5 HIGH N/A
Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
CVE-2003-1554 1 Scoznet 1 Scozbook 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.
CVE-2002-0964 1 Valve Software 2 Half-life, Half-life Dedicated Server 2024-02-04 5.0 MEDIUM N/A
Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.
CVE-2004-0127 1 Phpgedview 1 Phpgedview 2024-02-04 7.5 HIGH N/A
Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.
CVE-1999-1026 1 Sun 1 Solaris 2024-02-04 7.2 HIGH N/A
aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.
CVE-1999-0611 2024-02-04 10.0 HIGH N/A
A system-critical Windows NT registry key has an inappropriate value.
CVE-2002-1230 1 Microsoft 2 Windows 2000, Windows 2000 Terminal Services 2024-02-04 4.6 MEDIUM N/A
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
CVE-2004-0413 2 Openpkg, Subversion 2 Openpkg, Subversion 2024-02-04 10.0 HIGH N/A
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
CVE-2003-0871 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-04 7.5 HIGH N/A
Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."