Total
268926 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0718 | 1 Microsoft | 1 Content Management Server | 2024-02-28 | 7.5 HIGH | N/A |
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function." | |||||
CVE-2004-2185 | 1 Mediawiki | 1 Mediawiki | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | |||||
CVE-2003-1198 | 1 Cherokee | 1 Cherokee Httpd | 2024-02-28 | 5.0 MEDIUM | N/A |
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. | |||||
CVE-2003-0396 | 1 Linux-atm | 1 Linux-atm | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument. | |||||
CVE-2004-1735 | 1 Sympa | 1 Sympa | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. | |||||
CVE-2001-0070 | 1 Upland Solutions | 1 1st Up Mail Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command. | |||||
CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. | |||||
CVE-2004-2009 | 1 Adam Webb | 1 Nukejokes | 2024-02-28 | 5.0 MEDIUM | N/A |
NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an invalid cat parameter in a CatView function, which reveals the path in a PHP error message. | |||||
CVE-1999-0929 | 1 Novell | 2 Http Server, Netware | 2024-02-28 | 5.0 MEDIUM | N/A |
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. | |||||
CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 5.0 MEDIUM | N/A |
Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | |||||
CVE-1999-1329 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. | |||||
CVE-2002-2193 | 1 Mojo Mail | 1 Mojo Mail | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter. | |||||
CVE-2003-0007 | 1 Microsoft | 1 Outlook | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." | |||||
CVE-1999-0026 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
root privileges via buffer overflow in pset command on SGI IRIX systems. | |||||
CVE-1999-0879 | 2 Bsdi, Caldera | 2 Bsd Os, Openlinux | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. | |||||
CVE-2002-0662 | 1 Dan Mueth | 1 Scrollkeeper | 2024-02-28 | 2.1 LOW | N/A |
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files. | |||||
CVE-2003-1013 | 1 Ethereal | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. | |||||
CVE-2004-1962 | 1 Protector System | 1 Protector System | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields. | |||||
CVE-2002-1807 | 1 Phpwebsite | 1 Phpwebsite | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-2001-1295 | 1 Grant Averett | 1 Cerberus Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. |