Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | |||||
CVE-2002-0293 | 1 Alcatel-lucent | 1 Omnipcx | 2024-02-28 | 6.2 MEDIUM | N/A |
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | |||||
CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
CVE-2001-1466 | 1 Van Dyke Technologies | 1 Securecrt | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | |||||
CVE-2004-0543 | 1 Oracle | 2 Applications, E-business Suite | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. | |||||
CVE-2001-0253 | 1 Iweb Systems | 1 Hyperseek | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter. | |||||
CVE-2004-1521 | 1 Qualcomm | 1 Eudora | 2024-02-28 | 5.0 MEDIUM | N/A |
Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers. | |||||
CVE-2004-2193 | 1 Cjoverkill | 1 Cjoverkill | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters. | |||||
CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | |||||
CVE-2000-1138 | 1 Ibm | 1 Lotus Notes | 2024-02-28 | 7.5 HIGH | N/A |
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. | |||||
CVE-2001-1497 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 2.1 LOW | N/A |
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | |||||
CVE-2004-0315 | 1 Avirt | 1 Voice | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long GET request on port 1080. | |||||
CVE-2002-1564 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. | |||||
CVE-2002-1129 | 2 Compaq, Digital | 2 Tru64, Osf 1 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. | |||||
CVE-2001-0758 | 1 Evolvable Corporation | 1 Shambala Server | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command. | |||||
CVE-2003-0208 | 1 Macromedia | 1 Flash | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. | |||||
CVE-1999-0748 | 1 Redhat | 1 Linux | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in Red Hat net-tools package. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-2002-0614 | 1 Php-survey | 1 Php-survey | 2024-02-28 | 5.0 MEDIUM | N/A |
PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server. | |||||
CVE-2004-1812 | 1 Broadcom | 1 Unicenter Tng | 2024-02-28 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code. |