Total
28988 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0349 | 1 Gweb | 1 Gweb Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GWeb HTTP Server 0.6 allows remote attackers to view arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2004-1466 | 1 Gallery Project | 1 Gallery | 2024-02-28 | 7.5 HIGH | N/A |
| The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote attackers to upload and execute execute arbitrary scripts before they are deleted, if the temporary directory is under the web root. | |||||
| CVE-1999-1115 | 1 Hp | 1 Apollo Domain Os | 2024-02-28 | 7.2 HIGH | N/A |
| Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). | |||||
| CVE-2004-1960 | 1 Protector System | 1 Protector System | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters. | |||||
| CVE-1999-1012 | 1 Lotus | 1 Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
| SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string. | |||||
| CVE-1999-0661 | 2024-02-28 | 10.0 HIGH | N/A | ||
| A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6. | |||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2024-02-28 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | |||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||||
| CVE-2004-2157 | 1 S9y | 1 Serendipity | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field. | |||||
| CVE-2001-0612 | 1 Mcafee | 1 Remote Desktop 32 | 2024-02-28 | 5.0 MEDIUM | N/A |
| McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | |||||
| CVE-2000-1105 | 1 Microsoft | 1 Indexing Service | 2024-02-28 | 4.3 MEDIUM | N/A |
| The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. | |||||
| CVE-2001-0937 | 1 Matt Wright | 1 Pgpmail.pl | 2024-02-28 | 7.5 HIGH | N/A |
| PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters. | |||||
| CVE-2004-0885 | 1 Apache | 1 Http Server | 2024-02-28 | 7.5 HIGH | N/A |
| The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. | |||||
| CVE-2001-0341 | 1 Microsoft | 3 Frontpage Server Extensions, Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll. | |||||
| CVE-2004-0469 | 1 Checkpoint | 4 Firewall-1, Next Generation, Ng-ai and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. | |||||
| CVE-2002-0861 | 1 Microsoft | 2 Office Web Components, Project | 2024-02-28 | 7.5 HIGH | N/A |
| Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object. | |||||
| CVE-2000-0577 | 1 Netscape | 1 Professional Services Ftpserver | 2024-02-28 | 10.0 HIGH | N/A |
| Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2001-1139 | 1 Ascii Nt | 1 Winwrapper Professional | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request. | |||||
| CVE-2000-0284 | 1 University Of Washington | 1 Imap | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands. | |||||
| CVE-2000-0682 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. | |||||