Total
266684 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1151 | 1 Kde | 2 Kde, Konqueror | 2024-02-28 | 7.5 HIGH | N/A |
| The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. | |||||
| CVE-2004-0780 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument. | |||||
| CVE-2000-0905 | 1 Qnx | 1 Voyager | 2024-02-28 | 5.0 MEDIUM | N/A |
| QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page. | |||||
| CVE-2003-1038 | 1 Sap | 1 Internet Transaction Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames. | |||||
| CVE-1999-0588 | 2024-02-28 | 7.5 HIGH | N/A | ||
| A filter in a router or firewall allows unusual fragmented packets. | |||||
| CVE-1999-0051 | 3 Globetrotter, Sgi, Sun | 5 Flexlm, Irix, License Oeo and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. | |||||
| CVE-2003-0968 | 1 Freeradius | 1 Freeradius | 2024-02-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute. | |||||
| CVE-2001-0500 | 1 Microsoft | 3 Index Server, Indexing Service, Internet Information Server | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. | |||||
| CVE-1999-1075 | 1 Ibm | 1 Aix | 2024-02-28 | 5.0 MEDIUM | N/A |
| inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. | |||||
| CVE-2002-0566 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type. | |||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | |||||
| CVE-1999-0893 | 1 Sco | 1 Openserver | 2024-02-28 | 2.1 LOW | N/A |
| userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. | |||||
| CVE-1999-0131 | 8 Bsdi, Digital, Eric Allman and 5 more | 9 Bsd Os, Osf 1, Sendmail and 6 more | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||||
| CVE-2003-0404 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-28 | 4.3 MEDIUM | N/A |
| Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. | |||||
| CVE-2004-1384 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php. | |||||
| CVE-2002-0881 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2024-02-28 | 2.1 LOW | N/A |
| Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings. | |||||
| CVE-2000-0740 | 1 Network Associates | 1 Net Tools Pki Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port. | |||||
| CVE-2004-2029 | 1 Trevor Hogan | 1 Bnbt | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value. | |||||
| CVE-2003-0722 | 1 Sun | 1 Solaris | 2024-02-28 | 10.0 HIGH | N/A |
| The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets. | |||||
| CVE-2001-0088 | 1 Jason Hines | 1 Phpweblog | 2024-02-28 | 7.5 HIGH | N/A |
| common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. | |||||