Total
265944 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1984 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2024-02-28 | 5.0 MEDIUM | N/A |
Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full path in a PHP error message. | |||||
CVE-2004-1411 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-28 | 2.6 LOW | N/A |
Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | |||||
CVE-2004-0286 | 1 Robotftp | 1 Robotftp Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username. | |||||
CVE-2002-1902 | 1 Markus Triska | 1 Cgiforum | 2024-02-28 | 5.0 MEDIUM | N/A |
CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent. | |||||
CVE-2002-1999 | 1 Hp | 1 Praesidium Webproxy | 2024-02-28 | 5.0 MEDIUM | N/A |
HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. | |||||
CVE-2002-1524 | 1 Nullsoft | 1 Winamp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag. | |||||
CVE-2004-1891 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. | |||||
CVE-2004-2125 | 1 Iss | 4 Blackice Agent Server, Blackice Pc Protection, Blackice Server Protection and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value. | |||||
CVE-2004-0767 | 1 Ngsec | 1 Stackdefender | 2024-02-28 | 5.0 MEDIUM | N/A |
NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions. | |||||
CVE-2003-0623 | 1 Bea | 2 Tuxedo, Weblogic Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. | |||||
CVE-1999-0126 | 1 Xfree86 Project | 1 Xfree86 | 2024-02-28 | 7.2 HIGH | N/A |
SGI IRIX buffer overflow in xterm and Xaw allows root access. | |||||
CVE-2001-0416 | 3 Debian, Immunix, Mandrakesoft | 3 Sgml-tools, Immunix, Mandrake Linux | 2024-02-28 | 2.1 LOW | N/A |
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. | |||||
CVE-2002-1799 | 1 Phprank | 1 Phprank | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter. | |||||
CVE-2004-1636 | 1 Net Integration Technologies Inc. | 1 Wvtftp | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet. | |||||
CVE-2000-0673 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | |||||
CVE-2003-0655 | 1 Cdrtools | 1 Cdrtools | 2024-02-28 | 7.2 HIGH | N/A |
rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is running with privileges. | |||||
CVE-2003-0188 | 2 Lv, Redhat | 3 Lv, Linux, Lv | 2024-02-28 | 7.2 HIGH | N/A |
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories. | |||||
CVE-1999-0178 | 1 Oreilly | 1 Oreilly Website | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string. | |||||
CVE-2004-1389 | 1 Veritas | 1 Netbackup | 2024-02-28 | 6.0 MEDIUM | N/A |
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature. | |||||
CVE-1999-0760 | 1 Allaire | 1 Coldfusion Server | 2024-02-28 | 10.0 HIGH | N/A |
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. |