Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0519 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2024-02-28 | 7.5 HIGH | N/A |
| Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags. | |||||
| CVE-2004-2105 | 1 Novell | 1 Netware | 2024-02-28 | 5.0 MEDIUM | N/A |
| The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | |||||
| CVE-1999-0180 | 2024-02-28 | 7.5 HIGH | N/A | ||
| in.rshd allows users to login with a NULL username and execute commands. | |||||
| CVE-2001-1270 | 1 Pkware | 1 Pkzip | 2024-02-28 | 2.1 LOW | N/A |
| Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files. | |||||
| CVE-2003-1428 | 2 Bharat Mediratta, Linux | 2 Gallery, Linux Kernel | 2024-02-28 | 4.8 MEDIUM | N/A |
| Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. | |||||
| CVE-2003-1272 | 1 Nullsoft | 1 Winamp | 2024-02-28 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter. | |||||
| CVE-2004-1817 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke 7.1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Your Name field, (2) e-mail field, (3) nicname field, (4) fname parameter, (5) ratenum parameter, or (6) search field. | |||||
| CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2024-02-28 | 5.1 MEDIUM | N/A |
| Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||||
| CVE-2002-2282 | 1 Mcafee | 1 Virusscan | 2024-02-28 | 6.9 MEDIUM | N/A |
| McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. | |||||
| CVE-2000-1023 | 1 Alabanza | 1 Control Panel | 2024-02-28 | 7.5 HIGH | N/A |
| The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program. | |||||
| CVE-1999-1526 | 1 Macromedia | 1 Shockwave Flash Plugin | 2024-02-28 | 5.0 MEDIUM | N/A |
| Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia. | |||||
| CVE-2001-0575 | 1 Sco | 1 Openserver | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut. | |||||
| CVE-2004-0870 | 1 Kde | 1 Konqueror | 2024-02-28 | 5.0 MEDIUM | N/A |
| KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||
| CVE-2004-2096 | 1 Mephistoles Internet Suite | 1 Mephistoles Httpd | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL. | |||||
| CVE-2002-0949 | 1 Telindus | 1 Adsl Router | 2024-02-28 | 7.5 HIGH | N/A |
| Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext. | |||||
| CVE-2003-0848 | 1 Slocate | 1 Slocate | 2024-02-28 | 4.6 MEDIUM | N/A |
| Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used. | |||||
| CVE-2001-1254 | 1 Com2001 | 1 Alexis Server | 2024-02-28 | 7.5 HIGH | N/A |
| Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing. | |||||
| CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||||
| CVE-2002-0744 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. | |||||
| CVE-2003-0195 | 1 Slackware | 1 Slackware Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out. | |||||