Total
266302 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1958 | 1 Kmmail | 1 Kmmail | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field. | |||||
CVE-2003-0293 | 1 Palm | 1 Palmos | 2024-02-28 | 5.0 MEDIUM | N/A |
PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets. | |||||
CVE-2001-0676 | 1 Ritlabs | 1 The Bat | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f and earlier allows a remote attacker to create arbitrary files via a "dot dot" attack in the filename for an attachment. | |||||
CVE-2002-2172 | 1 Shana | 2 Informed Designer, Informed Filler | 2024-02-28 | 2.1 LOW | N/A |
Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information. | |||||
CVE-2004-1166 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. | |||||
CVE-2002-2067 | 1 East-tec | 1 Eraser | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | |||||
CVE-2002-1161 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1380. Reason: This candidate is a reservation duplicate of CVE-2002-1380. Notes: none | |||||
CVE-2004-1616 | 1 Links | 1 Links | 2024-02-28 | 5.0 MEDIUM | N/A |
Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme. | |||||
CVE-2003-0739 | 1 Vmware | 1 Workstation | 2024-02-28 | 4.6 MEDIUM | N/A |
VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. | |||||
CVE-2000-0107 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack. | |||||
CVE-2001-0199 | 1 Guido Frassetto | 1 Sedum | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the HTTP GET request. | |||||
CVE-2004-0719 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-1999-0450 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-28 | 7.5 HIGH | N/A |
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | |||||
CVE-2004-1600 | 1 Coolphp | 1 Coolphp | 2024-02-28 | 5.0 MEDIUM | N/A |
index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid op parameter, which reveals the path in an error message. | |||||
CVE-2000-0874 | 1 Qualcomm | 1 Eudora | 2024-02-28 | 5.0 MEDIUM | N/A |
Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF). | |||||
CVE-2001-0080 | 1 Cisco | 3 Catalyst 4000, Catalyst 5000, Catalyst 6000 | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. | |||||
CVE-2004-1533 | 1 Digital Mappings Systems | 1 Pop3 Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password. | |||||
CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 7.5 HIGH | N/A |
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
CVE-2002-2086 | 1 Squirrelmail | 1 Squirrelmail | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an IMG tag. | |||||
CVE-1999-0438 | 1 Ramp Networks | 2 Webramp 200i, Webramp M3 | 2024-02-28 | 5.0 MEDIUM | N/A |
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address. |