Total
260448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0216 | 1 Xoops | 1 Xoops | 2024-02-04 | 5.0 MEDIUM | N/A |
| userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter. | |||||
| CVE-2002-0360 | 1 Sun | 1 Solaris Answerbook2 | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program. | |||||
| CVE-2003-1456 | 4 Linux, Microsoft, Mike Bobbitt and 1 more | 4 Linux Kernel, All Windows, Album.pl and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. | |||||
| CVE-2003-1157 | 1 Citrix | 1 Metaframe | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | |||||
| CVE-2000-0796 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option. | |||||
| CVE-2004-1960 | 1 Protector System | 1 Protector System | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters. | |||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | |||||
| CVE-2001-1577 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused. | |||||
| CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
| The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | |||||
| CVE-2002-1707 | 1 Phpbb Group | 1 Phpbb | 2024-02-04 | 5.0 MEDIUM | N/A |
| install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2002-2218 | 1 Sips | 1 Sips | 2024-02-04 | 10.0 HIGH | N/A |
| CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value. | |||||
| CVE-2001-0398 | 1 Ritlabs | 1 The Bat | 2024-02-04 | 7.5 HIGH | N/A |
| The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon. | |||||
| CVE-2001-0915 | 1 Berkeley | 1 Pmake | 2024-02-04 | 7.2 HIGH | N/A |
| Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. | |||||
| CVE-1999-1236 | 1 True North | 1 Internet Anywhere Mail Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. | |||||
| CVE-2002-0003 | 1 Gnu | 1 Groff | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | |||||
| CVE-2000-0546 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. | |||||
| CVE-2003-0946 | 1 Clam Anti-virus | 1 Clamav | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command. | |||||
| CVE-2002-1499 | 1 Factosystem | 1 Factosystem Weblog | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) the email parameter in holdcomment.asp. | |||||
| CVE-2003-0653 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | |||||
| CVE-2001-1424 | 1 Alcatel | 1 Speed Touch Home | 2024-02-04 | 7.5 HIGH | N/A |
| Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | |||||