Total
266660 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1770 | 1 Qualcomm | 1 Eudora | 2024-02-28 | 5.0 MEDIUM | N/A |
Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. | |||||
CVE-1999-0028 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
root privileges via buffer overflow in login/scheme command on SGI IRIX systems. | |||||
CVE-2001-0281 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges. | |||||
CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2004-1844 | 1 Expinion.net | 1 Member Management System | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. | |||||
CVE-2002-1287 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-28 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. | |||||
CVE-2004-0034 | 1 Phorum | 1 Phorum | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php. | |||||
CVE-2002-0407 | 1 Lotus | 1 Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2) a request containing a large number of periods, which causes htcgibin.exe to leak the pathname in an error message. | |||||
CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2024-02-28 | 6.0 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | |||||
CVE-2002-0632 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server. | |||||
CVE-2004-1142 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | |||||
CVE-2000-0719 | 1 Varicad | 1 Varicad | 2024-02-28 | 6.2 MEDIUM | N/A |
VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. | |||||
CVE-2004-1514 | 1 Soft3304 | 1 04webserver | 2024-02-28 | 5.0 MEDIUM | N/A |
04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via an HTTP request for an MS-DOS device name such as COM2. | |||||
CVE-1999-1380 | 1 Symantec | 1 Norton Utilities | 2024-02-28 | 5.1 MEDIUM | N/A |
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0. | |||||
CVE-1999-0917 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.1 MEDIUM | N/A |
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files. | |||||
CVE-2002-0816 | 1 Compaq | 1 Tru64 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument. | |||||
CVE-2002-1352 | 1 Per Magne Knutsen | 1 Cartman | 2024-02-28 | 5.0 MEDIUM | N/A |
Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter. | |||||
CVE-2003-1100 | 1 Hummingbird | 1 Cyberdocs | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors. | |||||
CVE-2002-0553 | 1 Turnkey Solutions | 1 Sunshop Shopping Cart | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration. | |||||
CVE-2001-0329 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 7.5 HIGH | N/A |
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi. |