Total
266069 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0877 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system. | |||||
| CVE-2004-0242 | 1 Qualiteam | 1 X-cart | 2024-02-28 | 5.0 MEDIUM | N/A |
| X-Cart 3.4.3 allows remote attackers to gain sensitive information via a mode parameter with (1) phpinfo command or (2) perlinfo command. | |||||
| CVE-2000-0228 | 1 Microsoft | 1 Windows Media Rights Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. | |||||
| CVE-2002-0718 | 1 Microsoft | 1 Content Management Server | 2024-02-28 | 7.5 HIGH | N/A |
| Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function." | |||||
| CVE-2004-2185 | 1 Mediawiki | 1 Mediawiki | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | |||||
| CVE-2003-1198 | 1 Cherokee | 1 Cherokee Httpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. | |||||
| CVE-2003-0396 | 1 Linux-atm | 1 Linux-atm | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument. | |||||
| CVE-2004-1735 | 1 Sympa | 1 Sympa | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. | |||||
| CVE-2001-0070 | 1 Upland Solutions | 1 1st Up Mail Server | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command. | |||||
| CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. | |||||
| CVE-2004-2009 | 1 Adam Webb | 1 Nukejokes | 2024-02-28 | 5.0 MEDIUM | N/A |
| NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an invalid cat parameter in a CatView function, which reveals the path in a PHP error message. | |||||
| CVE-1999-0929 | 1 Novell | 2 Http Server, Netware | 2024-02-28 | 5.0 MEDIUM | N/A |
| Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. | |||||
| CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | |||||
| CVE-1999-1329 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. | |||||
| CVE-2002-2193 | 1 Mojo Mail | 1 Mojo Mail | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter. | |||||
| CVE-2003-0007 | 1 Microsoft | 1 Outlook | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." | |||||
| CVE-1999-0026 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
| root privileges via buffer overflow in pset command on SGI IRIX systems. | |||||
| CVE-1999-0879 | 2 Bsdi, Caldera | 2 Bsd Os, Openlinux | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. | |||||
| CVE-2002-0662 | 1 Dan Mueth | 1 Scrollkeeper | 2024-02-28 | 2.1 LOW | N/A |
| scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files. | |||||
| CVE-2003-1013 | 1 Ethereal | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. | |||||