Total
266150 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2010 | 1 Phpshop | 1 Phpshop | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg. | |||||
CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2024-02-28 | 10.0 HIGH | N/A |
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | |||||
CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
CVE-2002-2209 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | |||||
CVE-1999-0935 | 2024-02-28 | 10.0 HIGH | N/A | ||
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | |||||
CVE-1999-0891 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. | |||||
CVE-2000-0500 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. | |||||
CVE-2000-0710 | 1 Microsoft | 1 Frontpage | 2024-02-28 | 5.0 MEDIUM | N/A |
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name. | |||||
CVE-2003-0203 | 2 Moxftp, Xftp | 2 Moxftp, Xftp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. | |||||
CVE-2002-2311 | 2 Microsoft, Opera Software | 2 Internet Explorer, Opera Web Browser | 2024-02-28 | 6.4 MEDIUM | N/A |
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. | |||||
CVE-1999-0100 | 1 Isc | 1 Inn | 2024-02-28 | 10.0 HIGH | N/A |
Remote access in AIX innd 1.5.1, using control messages. | |||||
CVE-2001-1397 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory. | |||||
CVE-2004-1451 | 1 Mozilla | 1 Mozilla | 2024-02-28 | 2.6 LOW | N/A |
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. | |||||
CVE-2000-0645 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-28 | 6.4 MEDIUM | N/A |
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE). | |||||
CVE-2002-1698 | 1 Microsoft | 1 Msn Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header. | |||||
CVE-1999-0167 | 1 Sun | 1 Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. | |||||
CVE-2004-1392 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | |||||
CVE-2000-0403 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. | |||||
CVE-2001-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. | |||||
CVE-2002-2102 | 1 Jcraft | 1 Jzlib | 2024-02-28 | 5.0 MEDIUM | N/A |
InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data. |