Vulnerabilities (CVE)

Total 260207 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-1197 1 Mozilla 1 Bugzilla 2024-02-04 7.5 HIGH N/A
bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.
CVE-2002-1430 1 Synthetic Reality 1 Sympoll 2024-02-04 5.0 MEDIUM N/A
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.
CVE-1999-0272 1 Slmail 1 Slmail 2024-02-04 5.0 MEDIUM N/A
Denial of service in Slmail v2.5 through the POP3 port.
CVE-2001-0518 1 Oracle 1 Oracle9i 2024-02-04 5.0 MEDIUM N/A
Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang.
CVE-2004-0592 1 Suse 1 Suse Linux 2024-02-04 5.0 MEDIUM N/A
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.
CVE-2003-0332 1 Working Resources Inc. 1 Badblue 2024-02-04 7.6 HIGH N/A
The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension.
CVE-2004-0534 1 Businessobjects 2 Infoview, Webintelligence 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
CVE-1999-1250 1 Blue World Communications 1 Lasso Cgi 2024-02-04 5.0 MEDIUM N/A
Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files.
CVE-2001-1040 1 Hp 1 Jetadmin 2024-02-04 6.4 MEDIUM N/A
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
CVE-2001-0979 1 Hp 1 Hp-ux 2024-02-04 7.2 HIGH N/A
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
CVE-2000-0533 1 Sgi 1 Workshop Debugger And Performance Tools 2024-02-04 7.2 HIGH N/A
Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.
CVE-2003-0643 1 Linux 1 Linux Kernel 2024-02-04 2.1 LOW N/A
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
CVE-2002-1448 1 Avaya 3 Cajun M770-atm, Cajun P130, Cajun P330 2024-02-04 7.5 HIGH N/A
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges.
CVE-2002-1794 1 Hp 2 Hp-ux, Ldap-ux Integration 2024-02-04 10.0 HIGH N/A
Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.
CVE-2001-0281 1 Microsoft 1 Windows Nt 2024-02-04 7.2 HIGH N/A
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
CVE-2000-0023 1 Lotus 1 Domino Server 2024-02-04 5.0 MEDIUM N/A
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
CVE-2002-0846 1 Macromedia 1 Shockwave Flash 2024-02-04 7.5 HIGH N/A
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
CVE-1999-0103 2024-02-04 5.0 MEDIUM N/A
Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm.
CVE-2001-0911 2 Francisco Burzi, Postnuke Software Foundation 2 Php-nuke, Postnuke 2024-02-04 7.5 HIGH N/A
PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it.
CVE-2003-0749 1 Sap 1 Internet Transaction Server 2024-02-04 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.