Total: 28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2055 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTML or web script via the search_author parameter. | |||||
CVE-2004-1823 | 1 Jelsoft | 1 Vbulletin | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to showthread.php or (2) order parameter to forumdisplay.php. | |||||
CVE-2001-1578 | 1 Sco | 1 Openserver | 2024-02-28 | 2.1 LOW | N/A |
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors. | |||||
CVE-2004-1634 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 5.0 MEDIUM | N/A |
show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information. | |||||
CVE-2002-0692 | 1 Microsoft | 3 Frontpage Server Extensions, Windows 2000, Windows Xp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request. | |||||
CVE-2000-1202 | 1 Ibm | 1 Http Server Ssl Module Common | 2024-02-28 | 7.2 HIGH | N/A |
ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class. | |||||
CVE-2001-0137 | 1 Microsoft | 1 Windows Media Player | 2024-02-28 | 5.1 MEDIUM | N/A |
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the "Windows Media Player Skins File Download" vulnerability. | |||||
CVE-2000-0636 | 1 Hp | 1 Jetdirect | 2024-02-28 | 5.0 MEDIUM | N/A |
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. | |||||
CVE-2000-0619 | 1 Toplayer | 1 Appswitch | 2024-02-28 | 5.0 MEDIUM | N/A |
Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets. | |||||
CVE-1999-0182 | 1 Samba | 1 Samba | 2024-02-28 | 10.0 HIGH | N/A |
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | |||||
CVE-1999-0162 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | |||||
CVE-2001-0198 | 1 Apple | 1 Quicktime | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
CVE-1999-1320 | 1 Novell | 1 Netware | 2024-02-28 | 4.6 MEDIUM | N/A |
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | |||||
CVE-2004-0379 | 1 Microsoft | 1 Sharepoint Portal Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts. | |||||
CVE-2001-1538 | 1 Speedxess | 1 Ha-120 Dsl Router | 2024-02-28 | 7.5 HIGH | N/A |
SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. | |||||
CVE-2003-0055 | 1 Apple | 1 Quicktime Darwin Mp3 Broadcaster | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. | |||||
CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2024-02-28 | 5.0 MEDIUM | N/A |
IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
CVE-2001-1036 | 2 Gnu, Slackware | 2 Findutils, Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | |||||
CVE-1999-1377 | 1 Matt Wright | 1 Download.cgi | 2024-02-28 | 5.0 MEDIUM | N/A |
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. |