Total
28989 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0190 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. | |||||
CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2024-02-28 | 7.5 HIGH | N/A |
The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2002-0281 | 1 Codeworx Technologies | 1 Dcp-portal | 2024-02-28 | 5.1 MEDIUM | N/A |
Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allows remote attackers to gain privileges of other portal users by providing Javascript in the job information field to user_update.php. | |||||
CVE-2004-1734 | 1 Mantis | 1 Mantis | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code. | |||||
CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2024-02-28 | 5.0 MEDIUM | N/A |
MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | |||||
CVE-2004-1979 | 1 Props | 1 Props | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter. | |||||
CVE-2001-1122 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | |||||
CVE-2000-0508 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request. | |||||
CVE-2001-0457 | 1 Debian | 1 Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). | |||||
CVE-2001-1444 | 1 Kth | 1 Kth Kerberos | 2024-02-28 | 7.5 HIGH | N/A |
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack. | |||||
CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | |||||
CVE-2004-0246 | 1 Laurent Adda | 1 Les Commentaires | 2024-02-28 | 10.0 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | |||||
CVE-2000-0850 | 1 Netegrity | 1 Siteminder | 2024-02-28 | 7.5 HIGH | N/A |
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL. | |||||
CVE-2003-0779 | 1 Digium | 1 Asterisk | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | |||||
CVE-2003-1226 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 2.1 LOW | N/A |
BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. | |||||
CVE-2003-1142 | 1 Network Instruments | 1 Niprint Lpd-lpr Print Server | 2024-02-28 | 10.0 HIGH | N/A |
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges. | |||||
CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
NETBIOS share information may be published through SNMP registry keys in NT. | |||||
CVE-2003-1180 | 1 Advanced Poll | 1 Advanced Poll | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new.php, (3) admin_tpl_misc_new.php, (4) admin_templates_misc.php, (5) admin_templates.php, (6) admin_stats.php, (7) admin_settings.php, (8) admin_preview.php, (9) admin_password.php, (10) admin_logout.php, (11) admin_license.php, (12) admin_help.php, (13) admin_embed.php, (14) admin_edit.php, or (15) admin_comment.php. | |||||
CVE-2002-1606 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | |||||
CVE-2004-2031 | 1 E107 | 1 E107 | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields. |