Total
268501 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0906 | 1 Tetex | 1 Tetex | 2024-02-28 | 6.2 MEDIUM | N/A |
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr. | |||||
CVE-2003-1552 | 1 Graeme | 1 Uploader | 2024-02-28 | 6.8 MEDIUM | N/A |
Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/. | |||||
CVE-2002-1645 | 1 Ssh | 1 Ssh2 | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL. | |||||
CVE-2003-1157 | 1 Citrix | 1 Metaframe | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | |||||
CVE-2002-0094 | 1 Fraunhofer Fit | 1 Bscw | 2024-02-28 | 7.5 HIGH | N/A |
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion. | |||||
CVE-1999-0999 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet. | |||||
CVE-2002-1614 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at. | |||||
CVE-2002-1112 | 1 Mantis | 1 Mantis | 2024-02-28 | 5.0 MEDIUM | N/A |
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page. | |||||
CVE-2004-2179 | 1 Microsoft | 2 Frontpage, Ie | 2024-02-28 | 5.0 MEDIUM | N/A |
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. | |||||
CVE-2004-1515 | 1 Jelsoft | 1 Vbulletin | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php. | |||||
CVE-1999-0262 | 1 Renaud Deraison | 1 Faxsurvey | 2024-02-28 | 7.5 HIGH | N/A |
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
CVE-2000-0481 | 1 Kde | 1 K-mail | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | |||||
CVE-2004-0192 | 1 Symantec | 1 Gateway Security 5400 | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. | |||||
CVE-2000-0906 | 1 Moreover.com | 1 Cached Feed.cgi Script | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters. | |||||
CVE-2001-1063 | 1 Caldera | 2 Openunix, Unixware | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument. | |||||
CVE-2002-0923 | 1 Cgiscript.net | 1 Csnews | 2024-02-28 | 7.5 HIGH | N/A |
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability. | |||||
CVE-1999-1566 | 1 Intel | 1 Iparty | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. | |||||
CVE-2001-0219 | 1 Hp | 1 Hp-ux | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. | |||||
CVE-2000-0685 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 10.0 HIGH | N/A |
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. | |||||
CVE-2003-1496 | 1 Hp | 1 Tru64 | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840. |