Total
266140 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0615 | 3 Cgi.pm, Debian, Openpkg | 3 Cgi.pm, Debian Linux, Openpkg | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | |||||
| CVE-1999-0486 | 1 Aol | 1 Instant Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
| Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash. | |||||
| CVE-2002-2216 | 1 Soft3304 | 1 04webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
| Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attackers to obtain unspecified sensitive information. | |||||
| CVE-2001-0467 | 1 Robtex | 1 Viking Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request. | |||||
| CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2024-02-28 | 7.5 HIGH | N/A |
| The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | |||||
| CVE-2002-1086 | 1 Visualshapers | 1 Ezcontents | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities. | |||||
| CVE-2003-0024 | 1 Aterm | 1 Aterm | 2024-02-28 | 7.5 HIGH | N/A |
| The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | |||||
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | |||||
| CVE-2003-1556 | 1 Cgi City | 1 Cc Guestbook | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. | |||||
| CVE-2002-0126 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD. | |||||
| CVE-2004-0207 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2024-02-28 | 2.1 LOW | N/A |
| "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2024-02-28 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||
| CVE-2001-0103 | 1 Coffeecup Software | 2 Coffeecup Direct Ftp, Coffeecup Free Ftp | 2024-02-28 | 4.6 MEDIUM | N/A |
| CoffeeCup Direct and Free FTP clients uses weak encryption to store passwords in the FTPServers.ini file, which could allow attackers to easily decrypt the passwords. | |||||
| CVE-2004-1947 | 1 Softwin | 1 Bitdefender | 2024-02-28 | 5.0 MEDIUM | N/A |
| The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab. | |||||
| CVE-1999-0146 | 1 Ncsa | 2 Campas, Servers | 2024-02-28 | 7.5 HIGH | N/A |
| The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file. | |||||
| CVE-2003-1136 | 1 Chi Kien Uong | 1 Chi Kien Uong Guestbook | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL. | |||||
| CVE-2002-2088 | 1 Mosix Project | 1 Clump Os | 2024-02-28 | 10.0 HIGH | N/A |
| The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access. | |||||
| CVE-2004-0194 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data. | |||||
| CVE-2001-1019 | 1 Seaglass Technologies Inc. | 1 Sglmerchant | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTML_FILE parameter. | |||||