Total
258801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1987 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
| picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters. | |||||
| CVE-1999-0865 | 1 Stalker | 1 Communigate Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port. | |||||
| CVE-1999-0099 | 5 Bsdi, Convex, Cray and 2 more | 7 Bsd Os, Convexos, Spp-ux and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. | |||||
| CVE-1999-0711 | 1 Oracle | 1 Oracle8i | 2024-02-04 | 4.6 MEDIUM | N/A |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. | |||||
| CVE-2004-0375 | 1 Symantec | 4 Client Firewall, Client Security, Norton Internet Security and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero. | |||||
| CVE-2002-2129 | 1 W-agora | 1 W-agora | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form. | |||||
| CVE-2001-0393 | 1 Navision | 1 Financials Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits. | |||||
| CVE-2001-1312 | 1 Ibm | 1 Lotus Domino R5 | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1279 | 1 Lbl | 1 Tcpdump | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026. | |||||
| CVE-2004-1442 | 1 Ibm | 1 Net.data | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E." | |||||
| CVE-2000-0275 | 1 Cryptocard | 1 Cryptoadmin | 2024-02-04 | 2.1 LOW | N/A |
| CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. | |||||
| CVE-2000-1215 | 1 Ibm | 1 Lotus Domino | 2024-02-04 | 5.0 MEDIUM | N/A |
| The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | |||||
| CVE-2004-1351 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0335 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request. | |||||
| CVE-2002-1587 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
| The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | |||||
| CVE-2002-1467 | 1 Macromedia | 2 Flash Player, Shockwave | 2024-02-04 | 5.0 MEDIUM | N/A |
| Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | |||||
| CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
| CVE-2000-0026 | 2 Sco, Windowmaker | 2 Unixware, Wmmon | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. | |||||
| CVE-2001-1382 | 1 Openbsd | 1 Openssh | 2024-02-04 | 5.0 MEDIUM | N/A |
| The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used. | |||||