Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0690 | 2 Cde, Hp | 2 Cde, Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| HP CDE program includes the current directory in root's PATH variable. | |||||
| CVE-2002-1195 | 1 Gabriele Bartolini | 1 Ht Check | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page. | |||||
| CVE-2003-0121 | 1 Clearswift | 1 Mailsweeper | 2024-02-28 | 7.5 HIGH | N/A |
| Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients. | |||||
| CVE-2002-1699 | 1 Pascal Michaud | 1 Asp Client Check | 2024-02-28 | 10.0 HIGH | N/A |
| SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2000-0595 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 4.6 MEDIUM | N/A |
| libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory. | |||||
| CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2024-02-28 | 4.6 MEDIUM | N/A |
| pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
| CVE-2003-0615 | 3 Cgi.pm, Debian, Openpkg | 3 Cgi.pm, Debian Linux, Openpkg | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | |||||
| CVE-1999-0486 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
| Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash. | |||||
| CVE-2002-2216 | 1 Soft3304 | 1 04webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
| Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attackers to obtain unspecified sensitive information. | |||||
| CVE-2001-0467 | 1 Robtex | 1 Viking Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request. | |||||
| CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2024-02-28 | 7.5 HIGH | N/A |
| The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | |||||
| CVE-2002-1086 | 1 Visualshapers | 1 Ezcontents | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities. | |||||
| CVE-2003-0024 | 1 Aterm | 1 Aterm | 2024-02-28 | 7.5 HIGH | N/A |
| The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | |||||
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | |||||
| CVE-2002-0126 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD. | |||||
| CVE-2004-0207 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2024-02-28 | 2.1 LOW | N/A |
| "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2024-02-28 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||
| CVE-2004-1947 | 1 Softwin | 1 Bitdefender | 2024-02-28 | 5.0 MEDIUM | N/A |
| The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab. | |||||