Vulnerabilities (CVE)

Total 260505 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1482 1 Phpbb Group 1 Phpbb 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable.
CVE-2004-2195 1 Zanfi Solutions 1 Zanfi Cms Lite 2024-02-04 5.0 MEDIUM N/A
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.
CVE-2002-0001 1 Mutt 1 Mutt 2024-02-04 7.5 HIGH N/A
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
CVE-2004-1812 1 Broadcom 1 Unicenter Tng 2024-02-04 10.0 HIGH N/A
Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code.
CVE-2001-0299 1 Nokia 1 Ip440 Firewall Vpn Appliance 2024-02-04 7.5 HIGH N/A
Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL.
CVE-2001-0272 1 W3.org 1 Sendtemp.pl 2024-02-04 5.0 MEDIUM N/A
Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter.
CVE-2004-0700 2 Gentoo, Mod Ssl 2 Linux, Mod Ssl 2024-02-04 7.5 HIGH N/A
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
CVE-2000-0292 1 Adtran 1 Mx2800 2024-02-04 5.0 MEDIUM N/A
The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash.
CVE-2004-0215 2 Avaya, Microsoft 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more 2024-02-04 5.0 MEDIUM N/A
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
CVE-2000-0967 1 Php 1 Php 2024-02-04 10.0 HIGH N/A
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
CVE-1999-0302 1 Sun 2 Solaris, Sunos 2024-02-04 7.5 HIGH N/A
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
CVE-2001-1134 1 Xerox 1 Docuprint N40 2024-02-04 5.0 MEDIUM N/A
Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm.
CVE-2002-2353 1 Tftpd32 1 Tftpd32 2024-02-04 6.4 MEDIUM N/A
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests.
CVE-2003-1160 1 Seyeon 1 Flexwatch Network Video Server 2024-02-04 10.0 HIGH N/A
FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//).
CVE-2001-0041 1 Cisco 1 Catos 2024-02-04 7.8 HIGH N/A
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
CVE-2003-0692 1 Kde 1 Kde 2024-02-04 7.5 HIGH N/A
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
CVE-2004-0465 1 Openconnect 1 Webconnect 2024-02-04 5.0 MEDIUM N/A
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
CVE-2004-0727 1 Microsoft 1 Internet Explorer 2024-02-04 7.5 HIGH N/A
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."
CVE-2002-1197 1 Mozilla 1 Bugzilla 2024-02-04 7.5 HIGH N/A
bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.
CVE-2002-1430 1 Synthetic Reality 1 Sympoll 2024-02-04 5.0 MEDIUM N/A
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.