Total
258797 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1225 | 1 Hughes | 1 Msql | 2024-02-04 | 2.1 LOW | N/A |
| Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. | |||||
| CVE-2003-0283 | 1 Phorum | 1 Phorum | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail. | |||||
| CVE-2002-0334 | 1 Xtell | 1 Xtell | 2024-02-04 | 2.1 LOW | N/A |
| xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | |||||
| CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in NLS (Natural Language Service). | |||||
| CVE-2000-0906 | 1 Moreover.com | 1 Cached Feed.cgi Script | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters. | |||||
| CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2024-02-04 | 7.5 HIGH | N/A |
| Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | |||||
| CVE-2001-0325 | 1 Qnx | 1 Rtp | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | |||||
| CVE-2004-2123 | 1 Nextplace | 1 E-commerce Asp Engine | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp, (2) searchKey parameter of searchresults.asp, and possibly (3) level parameter of ListCategories.asp. | |||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2003-1487 | 1 Phorum | 1 Phorum | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. | |||||
| CVE-2004-0031 | 1 Phpgedview | 1 Phpgedview | 2024-02-04 | 7.5 HIGH | N/A |
| PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php. | |||||
| CVE-2001-0922 | 1 Sun | 1 Netdynamics | 2024-02-04 | 7.5 HIGH | N/A |
| ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | |||||
| CVE-1999-0847 | 1 Freechess.org | 1 Fics Program | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in free internet chess server (FICS) program, xboard. | |||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | |||||
| CVE-2002-1027 | 1 Macromedia | 1 Sitespring | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter. | |||||
| CVE-2001-1288 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
| Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | |||||
| CVE-1999-0478 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in HP-UX sendmail 8.8.6 related to accepting connections. | |||||
| CVE-2003-1299 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2024-02-04 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | |||||
| CVE-2003-0256 | 1 Kde | 1 Kopete | 2024-02-04 | 7.5 HIGH | N/A |
| The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2002-1440 | 1 Gateway | 1 Gs-400 | 2024-02-04 | 10.0 HIGH | N/A |
| The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges. | |||||