Total
265808 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1593 | 1 Sct Corporation | 1 Campus Pipeline | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter. | |||||
| CVE-2004-2060 | 1 Xlinesoft | 1 Asprunner | 2024-02-28 | 5.0 MEDIUM | N/A |
| ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names. | |||||
| CVE-2002-0770 | 1 Id Software | 1 Quake 2i Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated using "say $rcon_password." | |||||
| CVE-1999-1160 | 1 Hp | 1 Hp-ux | 2024-02-28 | 10.0 HIGH | N/A |
| Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. | |||||
| CVE-2002-0627 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-02-28 | 7.5 HIGH | N/A |
| The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests. | |||||
| CVE-2002-2143 | 1 Mysimplenews | 1 Mysimplenews | 2024-02-28 | 7.5 HIGH | N/A |
| The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html. | |||||
| CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Netscape Enterprise servers may list files through the PageServices query. | |||||
| CVE-2004-2217 | 1 Ychat | 1 Ychat | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | |||||
| CVE-2002-0185 | 1 Apache | 1 Mod Python | 2024-02-28 | 7.5 HIGH | N/A |
| mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | |||||
| CVE-2002-1638 | 2024-02-28 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-2153. Reason: This candidate is a duplicate of CVE-2002-2153. Notes: All CVE users should reference CVE-2002-2153 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
| CVE-2001-0471 | 1 Ssh | 1 Ssh | 2024-02-28 | 7.5 HIGH | N/A |
| SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. | |||||
| CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2024-02-28 | 7.5 HIGH | N/A |
| Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | |||||
| CVE-2001-1022 | 2 Gnu, Jgroff | 2 Groff, Jgroff | 2024-02-28 | 7.5 HIGH | N/A |
| Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | |||||
| CVE-2004-1605 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2024-02-28 | 7.5 HIGH | N/A |
| SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator. | |||||
| CVE-2003-1275 | 1 Microsoft | 1 Pocket Ie | 2024-02-28 | 5.0 MEDIUM | N/A |
| Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function. | |||||
| CVE-2004-0316 | 1 Avirt | 1 Avirt Soho | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080. | |||||
| CVE-2001-0147 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | |||||
| CVE-2004-2022 | 1 Activestate | 1 Activeperl | 2024-02-28 | 2.1 LOW | N/A |
| ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. | |||||
| CVE-2001-1562 | 1 Bsd | 1 Nvi | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename. | |||||
| CVE-2002-1864 | 1 Sws | 1 Sws Simple Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request. | |||||