Total: 266239 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0457 | 1 Debian | 1 Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). | |||||
CVE-2001-1444 | 1 Kth | 1 Kth Kerberos | 2024-02-28 | 7.5 HIGH | N/A |
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack. | |||||
CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | |||||
CVE-2004-0246 | 1 Laurent Adda | 1 Les Commentaires | 2024-02-28 | 10.0 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | |||||
CVE-2000-0850 | 1 Netegrity | 1 Siteminder | 2024-02-28 | 7.5 HIGH | N/A |
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL. | |||||
CVE-2003-0779 | 1 Digium | 1 Asterisk | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | |||||
CVE-2003-1226 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 2.1 LOW | N/A |
BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. | |||||
CVE-2003-1142 | 1 Network Instruments | 1 Niprint Lpd-lpr Print Server | 2024-02-28 | 10.0 HIGH | N/A |
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges. | |||||
CVE-2003-0624 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter. | |||||
CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
NETBIOS share information may be published through SNMP registry keys in NT. | |||||
CVE-2003-1180 | 1 Advanced Poll | 1 Advanced Poll | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new.php, (3) admin_tpl_misc_new.php, (4) admin_templates_misc.php, (5) admin_templates.php, (6) admin_stats.php, (7) admin_settings.php, (8) admin_preview.php, (9) admin_password.php, (10) admin_logout.php, (11) admin_license.php, (12) admin_help.php, (13) admin_embed.php, (14) admin_edit.php, or (15) admin_comment.php. | |||||
CVE-2002-1606 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | |||||
CVE-2004-2031 | 1 E107 | 1 E107 | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields. | |||||
CVE-2004-1805 | 1 Epic Games | 1 Unreal Engine | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. | |||||
CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | |||||
CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||
CVE-2002-1672 | 1 Webmin | 1 Webmin | 2024-02-28 | 2.1 LOW | N/A |
Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the credentials. | |||||
CVE-1999-1096 | 1 Kde | 1 Kde | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. | |||||
CVE-1999-0589 | | | 2024-02-28 | 10.0 HIGH | N/A |
A system-critical Windows NT registry key has inappropriate permissions. | |||||
CVE-2004-0999 | 1 Zgv | 1 Zgv Image Viewer | 2024-02-28 | 2.6 LOW | N/A |
zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images. |