Total
265902 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1068 | 1 D-link | 1 Dp-303 | 2024-02-28 | 5.0 MEDIUM | N/A |
The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. | |||||
CVE-2001-1455 | 1 Netegrity | 1 Siteminder | 2024-02-28 | 7.5 HIGH | N/A |
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters. | |||||
CVE-1999-1069 | 1 Icat | 1 Electronic Commerce Suite | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter. | |||||
CVE-2004-0690 | 1 Kde | 1 Kde | 2024-02-28 | 4.6 MEDIUM | N/A |
The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. | |||||
CVE-2002-0788 | 1 Pgp | 3 Corporate Desktop, Freeware, Personal Security | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information. | |||||
CVE-2001-0330 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 7.5 HIGH | N/A |
Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. | |||||
CVE-1999-0233 | 1 Microsoft | 1 Internet Information Services | 2024-02-28 | 10.0 HIGH | N/A |
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. | |||||
CVE-1999-0757 | 1 Allaire | 1 Coldfusion Server | 2024-02-28 | 2.1 LOW | N/A |
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | |||||
CVE-1999-1221 | 1 Digital | 1 Unix | 2024-02-28 | 2.1 LOW | N/A |
dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. | |||||
CVE-2002-0562 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa. | |||||
CVE-2002-0761 | 1 Bzip | 1 Bzip2 | 2024-02-28 | 2.1 LOW | N/A |
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended. | |||||
CVE-2002-1263 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1295. Reason: This candidate is a reservation duplicate of CVE-2002-1295. Notes: All CVE users should reference CVE-2002-1295 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-1999-1378 | 1 Dbmlparser.exe | 1 Dbmlparser.exe | 2024-02-28 | 5.0 MEDIUM | N/A |
dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files. | |||||
CVE-2004-1483 | 1 Symantec | 1 Clientless Vpn Gateway 4400 | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | |||||
CVE-2000-1026 | 1 Lbl | 1 Tcpdump | 2024-02-28 | 10.0 HIGH | N/A |
Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands. | |||||
CVE-2002-1440 | 1 Gateway | 1 Gs-400 | 2024-02-28 | 10.0 HIGH | N/A |
The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges. | |||||
CVE-2003-1242 | 1 Sage | 1 Sage | 2024-02-28 | 5.0 MEDIUM | N/A |
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. | |||||
CVE-2002-0023 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks. | |||||
CVE-2002-1362 | 1 Matthew Smith | 1 Micq | 2024-02-28 | 5.0 MEDIUM | N/A |
mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. | |||||
CVE-2003-0599 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root. |