Total
266899 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1259 | 1 Microsoft | 1 Office | 2024-02-28 | 2.1 LOW | N/A |
| Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information. | |||||
| CVE-2001-0641 | 3 Immunix, Redhat, Suse | 3 Immunix, Linux, Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | |||||
| CVE-2001-0818 | 1 Marty Bochane | 1 Mdbms | 2024-02-28 | 7.5 HIGH | N/A |
| A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data. | |||||
| CVE-2001-0368 | 1 Free Peers | 1 Bearshare | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack. | |||||
| CVE-2003-1243 | 1 Sage | 1 Sage | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. | |||||
| CVE-2004-0764 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-28 | 10.0 HIGH | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | |||||
| CVE-2001-0917 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | N/A |
| Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension. | |||||
| CVE-2001-1191 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2024-02-28 | 5.0 MEDIUM | N/A |
| WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | |||||
| CVE-2004-0314 | 1 Freewebs | 1 Webzedit | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter. | |||||
| CVE-1999-0076 | 1 Washington University | 1 Wu-ftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in wu-ftp from PASV command causes a core dump. | |||||
| CVE-2000-0432 | 1 Matt Kruse | 1 Calendar Script | 2024-02-28 | 7.5 HIGH | N/A |
| The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2003-0307 | 1 Poster | 1 Poster | 2024-02-28 | 7.5 HIGH | N/A |
| Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field. | |||||
| CVE-2000-0378 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
| The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. | |||||
| CVE-2002-0417 | 1 Endymion | 1 Mailman Webmail | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs. | |||||
| CVE-2003-0038 | 1 Gnu | 1 Mailman | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. | |||||
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | |||||
| CVE-2003-0677 | 1 Cisco | 1 Webns | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." | |||||
| CVE-2004-0594 | 6 Avaya, Debian, Hp and 3 more | 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more | 2024-02-28 | 5.1 MEDIUM | N/A |
| The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. | |||||
| CVE-1999-0021 | 1 Muhammad A. Muquit | 1 Wwwcount | 2024-02-28 | 7.5 HIGH | N/A |
| Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program. | |||||
| CVE-2003-1229 | 2 Oracle, Sun | 3 Jre, Java Web Start, Jsse | 2024-02-28 | 7.5 HIGH | N/A |
| X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in improper validation of digital certificate and allows remote attackers to (1) falsely authenticate peers for SSL or (2) incorrectly validate signed JAR files. | |||||