Vulnerabilities (CVE)

Total 268501 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0906 1 Tetex 1 Tetex 2024-02-28 6.2 MEDIUM N/A
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
CVE-2003-1552 1 Graeme 1 Uploader 2024-02-28 6.8 MEDIUM N/A
Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/.
CVE-2002-1645 1 Ssh 1 Ssh2 2024-02-28 10.0 HIGH N/A
Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL.
CVE-2003-1157 1 Citrix 1 Metaframe 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.
CVE-2002-0094 1 Fraunhofer Fit 1 Bscw 2024-02-28 7.5 HIGH N/A
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.
CVE-1999-0999 1 Microsoft 1 Sql Server 2024-02-28 4.3 MEDIUM N/A
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
CVE-2002-1614 1 Hp 2 Hp-ux, Tru64 2024-02-28 7.2 HIGH N/A
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
CVE-2002-1112 1 Mantis 1 Mantis 2024-02-28 5.0 MEDIUM N/A
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
CVE-2004-2179 1 Microsoft 2 Frontpage, Ie 2024-02-28 5.0 MEDIUM N/A
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
CVE-2004-1515 1 Jelsoft 1 Vbulletin 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php.
CVE-1999-0262 1 Renaud Deraison 1 Faxsurvey 2024-02-28 7.5 HIGH N/A
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.
CVE-2000-0481 1 Kde 1 K-mail 2024-02-28 5.0 MEDIUM N/A
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
CVE-2004-0192 1 Symantec 1 Gateway Security 5400 2024-02-28 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
CVE-2000-0906 1 Moreover.com 1 Cached Feed.cgi Script 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters.
CVE-2001-1063 1 Caldera 2 Openunix, Unixware 2024-02-28 7.2 HIGH N/A
Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument.
CVE-2002-0923 1 Cgiscript.net 1 Csnews 2024-02-28 7.5 HIGH N/A
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
CVE-1999-1566 1 Intel 1 Iparty 2024-02-28 5.0 MEDIUM N/A
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
CVE-2001-0219 1 Hp 1 Hp-ux 2024-02-28 2.1 LOW N/A
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.
CVE-2000-0685 1 Bea 1 Weblogic Server 2024-02-28 10.0 HIGH N/A
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file.
CVE-2003-1496 1 Hp 1 Tru64 2024-02-28 10.0 HIGH N/A
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.