Vulnerabilities (CVE)

Total 268926 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0718 1 Microsoft 1 Content Management Server 2024-02-28 7.5 HIGH N/A
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."
CVE-2004-2185 1 Mediawiki 1 Mediawiki 2024-02-28 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
CVE-2003-1198 1 Cherokee 1 Cherokee Httpd 2024-02-28 5.0 MEDIUM N/A
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field.
CVE-2003-0396 1 Linux-atm 1 Linux-atm 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument.
CVE-2004-1735 1 Sympa 1 Sympa 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.
CVE-2001-0070 1 Upland Solutions 1 1st Up Mail Server 2024-02-28 10.0 HIGH N/A
Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command.
CVE-2002-1525 2 Astaware, Sun 2 Searchdisc, Sunone Starter Kit 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017.
CVE-2004-2009 1 Adam Webb 1 Nukejokes 2024-02-28 5.0 MEDIUM N/A
NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an invalid cat parameter in a CatView function, which reveals the path in a PHP error message.
CVE-1999-0929 1 Novell 2 Http Server, Netware 2024-02-28 5.0 MEDIUM N/A
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
CVE-2001-0014 1 Microsoft 1 Windows 2000 2024-02-28 5.0 MEDIUM N/A
Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability.
CVE-1999-1329 1 Redhat 1 Linux 2024-02-28 7.2 HIGH N/A
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
CVE-2002-2193 1 Mojo Mail 1 Mojo Mail 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter.
CVE-2003-0007 1 Microsoft 1 Outlook 2024-02-28 5.0 MEDIUM N/A
Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."
CVE-1999-0026 1 Sgi 1 Irix 2024-02-28 4.6 MEDIUM N/A
root privileges via buffer overflow in pset command on SGI IRIX systems.
CVE-1999-0879 2 Bsdi, Caldera 2 Bsd Os, Openlinux 2024-02-28 10.0 HIGH N/A
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
CVE-2002-0662 1 Dan Mueth 1 Scrollkeeper 2024-02-28 2.1 LOW N/A
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.
CVE-2003-1013 1 Ethereal 1 Ethereal 2024-02-28 5.0 MEDIUM 7.5 HIGH
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
CVE-2004-1962 1 Protector System 1 Protector System 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields.
CVE-2002-1807 1 Phpwebsite 1 Phpwebsite 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
CVE-2001-1295 1 Grant Averett 1 Cerberus Ftp Server 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command.