Total
266883 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1994 | 1 E-zone Media Inc. | 1 Fusetalk | 2024-02-28 | 5.0 MEDIUM | N/A |
| FuseTalk 4.0 allows remote attackers to ban other users via a direct request to banning.cfm. | |||||
| CVE-2004-0533 | 1 Businessobjects | 2 Infoview, Webintelligence | 2024-02-28 | 2.1 LOW | N/A |
| Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client. | |||||
| CVE-2001-0573 | 1 Ibm | 1 Aix | 2024-02-28 | 4.6 MEDIUM | N/A |
| lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. | |||||
| CVE-2001-0429 | 1 Cisco | 1 Catos | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. | |||||
| CVE-2002-1092 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2024-02-28 | 7.5 HIGH | N/A |
| Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. | |||||
| CVE-2002-0259 | 1 Instantservers Inc. | 1 Miniportal | 2024-02-28 | 4.6 MEDIUM | N/A |
| InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges. | |||||
| CVE-2002-0936 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | |||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2024-02-28 | 7.2 HIGH | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
| CVE-2001-0560 | 1 Paul Vixie | 1 Vixie Cron | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters). | |||||
| CVE-2003-0728 | 1 Horde | 1 Horde | 2024-02-28 | 6.4 MEDIUM | N/A |
| Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL. | |||||
| CVE-2002-2241 | 1 Deerfield | 1 Visnetic Website | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers to cause a denial of service (crash) via a long HTTP OPTIONS request. | |||||
| CVE-1999-0067 | 2 Apache, Ncsa | 2 Http Server, Ncsa Httpd | 2024-02-28 | 10.0 HIGH | N/A |
| phf CGI program allows remote command execution through shell metacharacters. | |||||
| CVE-2003-0594 | 1 Mozilla | 1 Mozilla | 2024-02-28 | 7.5 HIGH | N/A |
| Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
| CVE-1999-0670 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 4.0 MEDIUM | N/A |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | |||||
| CVE-2001-1364 | 1 Project Purple | 1 Autodns | 2024-02-28 | 7.5 HIGH | N/A |
| Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified. | |||||
| CVE-2002-2021 | 1 Woltlab | 1 Burning Board | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2002-1633 | 1 Qnx | 1 Qnx Rtos | 2024-02-28 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to (1) sample, (2) ex, (3) du, (4) find, (5) lex, (6) mkdir, (7) rm, (8) serserv, (9) tcpserv, (10) termdef, (11) time, (12) unzip, (13) use, (14) wcc, (15) wcc386, (16) wd, (17) wdisasm, (18) which, (19) wlib, (20) wlink, (21) wpp, (22) wpp386, (23) wprof, (24) write, or (25) wstrip. | |||||
| CVE-1999-0209 | 1 Sun | 1 Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
| The SunView (SunTools) selection_svc facility allows remote users to read files. | |||||
| CVE-2003-0350 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 4.6 MEDIUM | N/A |
| The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function. | |||||
| CVE-2000-0400 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
| The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. | |||||