Total
266704 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1955 | 1 Phprofession | 1 Phprofession | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter. | |||||
| CVE-2001-1335 | 1 Aclogic | 1 Cesarftp | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot). | |||||
| CVE-1999-0597 | 2024-02-28 | 10.0 HIGH | N/A | ||
| A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. | |||||
| CVE-1999-0463 | 1 L0pht | 1 L0phtcrack | 2024-02-28 | 5.0 MEDIUM | N/A |
| Remote attackers can perform a denial of service using IRIX fcagent. | |||||
| CVE-2002-0711 | 1 Hp | 1 Trucluster Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service. | |||||
| CVE-2002-0670 | 1 Pingtel | 1 Xpressa | 2024-02-28 | 7.5 HIGH | N/A |
| The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing. | |||||
| CVE-2004-1156 | 1 Mozilla | 2 Firefox, Mozilla | 2024-02-28 | 4.3 MEDIUM | N/A |
| Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2004-2063 | 1 Antiboard | 1 Antiboard | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter. | |||||
| CVE-2003-0646 | 1 Trend Micro | 2 Damage Cleanup Server, Housecall | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. | |||||
| CVE-2002-1501 | 1 Enterasys | 1 Smartswitch Ssr8000 | 2024-02-28 | 5.0 MEDIUM | N/A |
| The MPS functionality in Enterasys SSR8000 (Smart Switch Router) before firmware 8.3.0.10 allows remote attackers to cause a denial of service (crash) via multiple port scans to ports 15077 and 15078. | |||||
| CVE-1999-0708 | 1 Infodrom | 1 Cfingerd | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | |||||
| CVE-2003-0137 | 1 Nokia | 1 Sgsn Dx200 | 2024-02-28 | 5.0 MEDIUM | N/A |
| SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings. | |||||
| CVE-2003-1474 | 1 Freebsd | 1 Slashem-tty | 2024-02-28 | 7.2 HIGH | N/A |
| slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris. | |||||
| CVE-2002-0255 | 1 Arescom | 1 Netdsl | 2024-02-28 | 10.0 HIGH | N/A |
| The default configuration of Arescom NetDSL 800 does not require authentication, which allows remote attackers to cause a denial of service or reconfigure the router. | |||||
| CVE-2002-0357 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
| Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges. | |||||
| CVE-2003-0037 | 1 Noffle | 1 Noffle | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code. | |||||
| CVE-2003-0780 | 3 Conectiva, Mysql, Oracle | 3 Linux, Mysql, Mysql | 2024-02-28 | 9.0 HIGH | N/A |
| Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | |||||
| CVE-2000-0924 | 1 Armada Design | 1 Master Index | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter. | |||||
| CVE-2000-0562 | 1 Iss | 2 Blackice Agent, Blackice Defender | 2024-02-28 | 7.5 HIGH | N/A |
| BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. | |||||
| CVE-2000-0818 | 1 Oracle | 1 Listener | 2024-02-28 | 10.0 HIGH | N/A |
| The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | |||||