Vulnerabilities (CVE)

Total 260444 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1090 1 Celestial Software 1 Absolutetelnet 2024-02-04 10.0 HIGH N/A
Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.
CVE-2000-0114 1 Microsoft 1 Internet Information Server 2024-02-04 5.0 MEDIUM N/A
Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
CVE-2000-0153 1 Microsoft 2 Frontpage, Personal Web Server 2024-02-04 5.0 MEDIUM N/A
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVE-2004-0759 1 Mozilla 1 Mozilla 2024-02-04 6.4 MEDIUM N/A
Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.
CVE-2002-0398 1 Red-m 1 1050ap Lan Acess Point 2024-02-04 10.0 HIGH N/A
Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name.
CVE-2002-0710 1 Rod Clark 1 Sendform.cgi 2024-02-04 6.4 MEDIUM N/A
Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter.
CVE-2002-0617 1 Microsoft 2 Excel, Office 2024-02-04 5.1 MEDIUM N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."
CVE-2004-2091 1 Microsoft 1 Baseline Security Analyzer 2024-02-04 5.0 MEDIUM N/A
Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.
CVE-2003-0293 1 Palm 1 Palmos 2024-02-04 5.0 MEDIUM N/A
PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets.
CVE-2002-2338 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2024-02-04 5.0 MEDIUM N/A
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVE-2004-0728 1 Microsoft 1 Systems Management Server 2024-02-04 5.0 MEDIUM N/A
The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address.
CVE-2003-0840 1 Hp 1 Hp-ux 2024-02-04 7.2 HIGH N/A
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
CVE-2002-0783 1 Opera Software 1 Opera Web Browser 2024-02-04 7.5 HIGH N/A
Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL.
CVE-2003-0079 1 Hanterm 1 Hanterm-xf 2024-02-04 2.1 LOW N/A
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
CVE-2004-2111 1 Solarwinds 1 Serv-u File Server 2024-02-04 8.5 HIGH N/A
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
CVE-2000-0104 1 Web Express 1 Shoptron 2024-02-04 7.5 HIGH N/A
The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2002-0216 1 Xoops 1 Xoops 2024-02-04 5.0 MEDIUM N/A
userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter.
CVE-2002-0360 1 Sun 1 Solaris Answerbook2 2024-02-04 7.5 HIGH N/A
Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program.
CVE-2003-1456 4 Linux, Microsoft, Mike Bobbitt and 1 more 4 Linux Kernel, All Windows, Album.pl and 1 more 2024-02-04 5.0 MEDIUM N/A
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.
CVE-2003-1157 1 Citrix 1 Metaframe 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.