Total
260150 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0492 | 1 Passwd | 1 Passwd | 2024-02-04 | 5.0 MEDIUM | N/A |
| PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords. | |||||
| CVE-2003-0930 | 1 Clearswift | 1 Mailsweeper | 2024-02-04 | 7.5 HIGH | N/A |
| Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. | |||||
| CVE-2001-0452 | 1 Brs | 1 Webweaver | 2024-02-04 | 5.0 MEDIUM | N/A |
| BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | |||||
| CVE-2000-1145 | 1 Recourse Technologies | 1 Mantrap | 2024-02-04 | 4.6 MEDIUM | N/A |
| Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files. | |||||
| CVE-2002-0877 | 1 Evolvable Corporation | 1 Shambala Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands. | |||||
| CVE-2001-0056 | 1 Cisco | 1 Broadband Operating System | 2024-02-04 | 7.5 HIGH | N/A |
| The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | |||||
| CVE-2001-1440 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system. | |||||
| CVE-2001-0088 | 1 Jason Hines | 1 Phpweblog | 2024-02-04 | 7.5 HIGH | N/A |
| common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. | |||||
| CVE-2001-0875 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | |||||
| CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2024-02-04 | 7.5 HIGH | N/A |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
| CVE-2004-0723 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-04 | 6.4 MEDIUM | N/A |
| Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | |||||
| CVE-2003-1250 | 1 Efficient Networks | 1 5861 Dsl Router | 2024-02-04 | 5.0 MEDIUM | N/A |
| Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | |||||
| CVE-2002-1285 | 1 Suse | 1 Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
| runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. | |||||
| CVE-2003-0611 | 1 Xtokkaetama | 1 Xtokkaetama | 2024-02-04 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. | |||||
| CVE-2004-1651 | 1 Brickhost | 1 Phpscheduleit | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Lastname fields during new user registration, or (3) the Schedule Name field. | |||||
| CVE-2002-1082 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded. | |||||
| CVE-2000-0963 | 4 Freebsd, Gnu, Immunix and 1 more | 4 Freebsd, Ncurses, Immunix and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | |||||
| CVE-2001-0836 | 1 Oracle | 1 Application Server Web Cache | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-1493 | 1 Lycos | 1 Htmlgear Guestgear | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag. | |||||
| CVE-2002-1501 | 1 Enterasys | 1 Smartswitch Ssr8000 | 2024-02-04 | 5.0 MEDIUM | N/A |
| The MPS functionality in Enterasys SSR8000 (Smart Switch Router) before firmware 8.3.0.10 allows remote attackers to cause a denial of service (crash) via multiple port scans to ports 15077 and 15078. | |||||