Total
266684 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0627 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-02-28 | 7.5 HIGH | N/A |
The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests. | |||||
CVE-2002-2143 | 1 Mysimplenews | 1 Mysimplenews | 2024-02-28 | 7.5 HIGH | N/A |
The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html. | |||||
CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Netscape Enterprise servers may list files through the PageServices query. | |||||
CVE-2004-2217 | 1 Ychat | 1 Ychat | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | |||||
CVE-2002-0185 | 1 Apache | 1 Mod Python | 2024-02-28 | 7.5 HIGH | N/A |
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | |||||
CVE-2002-1638 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-2153. Reason: This candidate is a duplicate of CVE-2002-2153. Notes: All CVE users should reference CVE-2002-2153 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2001-0471 | 1 Ssh | 1 Ssh | 2024-02-28 | 7.5 HIGH | N/A |
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. | |||||
CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2024-02-28 | 7.5 HIGH | N/A |
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | |||||
CVE-2001-1022 | 2 Gnu, Jgroff | 2 Groff, Jgroff | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | |||||
CVE-2004-1605 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2024-02-28 | 7.5 HIGH | N/A |
SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator. | |||||
CVE-2003-1275 | 1 Microsoft | 1 Pocket Ie | 2024-02-28 | 5.0 MEDIUM | N/A |
Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function. | |||||
CVE-2004-0316 | 1 Avirt | 1 Avirt Soho | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080. | |||||
CVE-2001-0147 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | |||||
CVE-2004-2022 | 1 Activestate | 1 Activeperl | 2024-02-28 | 2.1 LOW | N/A |
ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. | |||||
CVE-2001-1562 | 1 Bsd | 1 Nvi | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename. | |||||
CVE-2002-1864 | 1 Sws | 1 Sws Simple Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request. | |||||
CVE-2002-1466 | 1 Cafelog | 1 B2 | 2024-02-28 | 10.0 HIGH | N/A |
CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable. | |||||
CVE-2002-1384 | 2 Easy Software Products, Xpdf | 2 Cups, Xpdf | 2024-02-28 | 7.2 HIGH | N/A |
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | |||||
CVE-1999-1183 | 1 Sgi | 1 Irix | 2024-02-28 | 7.6 HIGH | N/A |
System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type. | |||||
CVE-2003-0067 | 1 Aterm | 1 Aterm | 2024-02-28 | 7.5 HIGH | N/A |
The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |