Total
266249 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0534 | 2 Lucent, Merit | 2 Radius, Radius | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2004-0214 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 98 and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | |||||
| CVE-1999-1298 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.5 HIGH | N/A |
| Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources. | |||||
| CVE-2002-1611 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. | |||||
| CVE-2004-1620 | 1 S9y | 1 Serendipity | 2024-02-28 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php. | |||||
| CVE-2002-0595 | 1 Webtrends | 1 Reporting Center | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory. | |||||
| CVE-2002-1228 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | |||||
| CVE-2004-0605 | 2 Ircd-hybrid, Ircd-ratbox | 2 Ircd-hybrid, Ircd-ratbox | 2024-02-28 | 5.0 MEDIUM | N/A |
| Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued. | |||||
| CVE-2002-1465 | 1 Cafelog | 1 B2 | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable. | |||||
| CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2024-02-28 | 10.0 HIGH | N/A |
| SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | |||||
| CVE-2000-0902 | 1 Nathan Purciful | 1 Phpphotoalbum | 2024-02-28 | 5.0 MEDIUM | N/A |
| getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 3.7 LOW | N/A |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||||
| CVE-2004-1963 | 1 Freshmeat | 1 Network Query Tool | 2024-02-28 | 5.0 MEDIUM | N/A |
| nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obtain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | |||||
| CVE-2004-1781 | 1 Info Touch | 1 Surfnet | 2024-02-28 | 4.6 MEDIUM | N/A |
| Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command. | |||||
| CVE-2003-0945 | 1 Sap | 1 Sap Db | 2024-02-28 | 7.5 HIGH | N/A |
| The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities. | |||||
| CVE-2001-0443 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password. | |||||
| CVE-2002-1577 | 1 Sap | 1 Sap R 3 | 2024-02-28 | 7.5 HIGH | N/A |
| SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts. | |||||
| CVE-2002-1683 | 1 Working Resources Inc. | 1 Badblue | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function. | |||||
| CVE-2002-1681 | 1 Open Source Development Network | 1 Slashcode | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag. | |||||