Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0760 | 1 Allaire | 1 Coldfusion Server | 2024-02-28 | 10.0 HIGH | N/A |
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. | |||||
CVE-2003-0860 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors. | |||||
CVE-2000-0531 | 2 Caldera, Redhat | 3 Openlinux, Openlinux Eserver, Linux | 2024-02-28 | 2.1 LOW | N/A |
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. | |||||
CVE-2002-0700 | 1 Microsoft | 1 Content Management Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise." | |||||
CVE-2004-0477 | 1 3com | 1 3cp4144 | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password. NOTE: this identifier was inadvertently re-used for another issue due to a typo; that issue was assigned CVE-2004-0447. This candidate is ONLY for the ADSL router bypass. | |||||
CVE-2004-0820 | 1 Nullsoft | 1 Winamp | 2024-02-28 | 4.6 MEDIUM | N/A |
Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. | |||||
CVE-2004-1829 | 1 Error Manager | 1 Php-nuke Module | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pagetitle or (2) error parameters, or (3) certain parameters in the error log. | |||||
CVE-2002-1901 | 1 Bodo Bauer | 1 Bbgallery | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags. | |||||
CVE-2001-1392 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | |||||
CVE-1999-0852 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 7.2 HIGH | N/A |
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin. | |||||
CVE-2004-0424 | 3 Linux, Sgi, Slackware | 3 Linux Kernel, Propack, Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||||
CVE-2002-0263 | 1 Ezne.net | 1 Ezboard 2000 | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | |||||
CVE-2002-0789 | 1 Mnogosearch | 1 Mnogosearch | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. | |||||
CVE-1999-1479 | 1 Matt Wright | 1 Textcounter | 2024-02-28 | 10.0 HIGH | N/A |
The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2002-0714 | 1 Squid | 1 Squid | 2024-02-28 | 7.5 HIGH | N/A |
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. | |||||
CVE-2004-1973 | 1 Digi | 1 Www Server | 2024-02-28 | 5.0 MEDIUM | N/A |
DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters. | |||||
CVE-2000-1149 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. | |||||
CVE-2002-1824 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability. | |||||
CVE-2002-1202 | 1 Compaq | 1 Tru64 | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files. | |||||
CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. |