Total
267 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2331 | 1 Cascadesoft | 1 W3mail | 2024-11-20 | 5.8 MEDIUM | N/A |
| W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in MIME attachments, then requesting the attachments. | |||||
| CVE-2002-2285 | 1 Broadcom | 1 Inoculateit | 2024-11-20 | 4.3 MEDIUM | N/A |
| eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection. | |||||
| CVE-2002-2280 | 1 Openbsd | 1 Openbsd | 2024-11-20 | 2.1 LOW | N/A |
| syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. | |||||
| CVE-2002-2263 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2024-11-20 | 6.6 MEDIUM | N/A |
| The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. | |||||
| CVE-2002-2247 | 1 Mambo | 1 Mambo Site Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function. | |||||
| CVE-2002-2234 | 1 Netscreen | 1 Screenos | 2024-11-20 | 4.3 MEDIUM | N/A |
| NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. | |||||
| CVE-2000-1247 | 1 Apache | 1 Jserv | 2024-11-20 | 2.1 LOW | N/A |
| The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI. | |||||
| CVE-1999-0886 | 1 Microsoft | 1 Windows Nt | 2024-11-20 | 9.0 HIGH | N/A |
| The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. | |||||
| CVE-1999-0875 | 2 Microsoft, Sun | 5 Windows 2000, Windows 95, Windows 98se and 2 more | 2024-11-20 | 7.5 HIGH | N/A |
| DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | |||||
| CVE-1999-0858 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | 5.0 MEDIUM | N/A |
| Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server. | |||||
| CVE-1999-0766 | 1 Microsoft | 2 Internet Explorer, Java Virtual Machine | 2024-11-20 | 9.3 HIGH | N/A |
| The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. | |||||
| CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2024-11-20 | 7.1 HIGH | N/A |
| When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | |||||
| CVE-1999-0701 | 1 Microsoft | 1 Windows Nt | 2024-11-20 | 7.2 HIGH | N/A |
| After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. | |||||
| CVE-1999-0656 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 5.0 MEDIUM | N/A |
| The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | |||||
| CVE-2024-45448 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-05 | N/A | 5.5 MEDIUM |
| Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-9136 | 1 Huawei | 2 Emui, Harmonyos | 2024-10-01 | N/A | 7.5 HIGH |
| Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2024-47294 | 1 Huawei | 2 Emui, Harmonyos | 2024-10-01 | N/A | 7.5 HIGH |
| Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-47291 | 1 Huawei | 2 Emui, Harmonyos | 2024-10-01 | N/A | 5.5 MEDIUM |
| Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-42031 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-20 | N/A | 7.5 HIGH |
| Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52719 | 2024-05-14 | N/A | 7.1 HIGH | ||
| Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||