Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0217 | 1 Xoops | 1 Xoops | 2008-09-10 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php. | |||||
| CVE-2002-0221 | 1 Etype | 1 Eserv | 2008-09-10 | 5.0 MEDIUM | N/A |
| Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV. | |||||
| CVE-2002-0219 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument. | |||||
| CVE-2002-0220 | 1 Phpsmssend | 1 Phpsmssend | 2008-09-10 | 7.5 HIGH | N/A |
| phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters. | |||||
| CVE-2002-0228 | 1 Microsoft | 1 Msn Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites). | |||||
| CVE-2002-0223 | 2 Infopop, Wired Community Software | 2 Ultimate Bulletin Board, Wwwthreads | 2008-09-10 | 7.5 HIGH | N/A |
| Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension. | |||||
| CVE-2002-0246 | 1 Caldera | 1 Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint. | |||||
| CVE-2002-0247 | 1 Wliang | 1 Wmtv | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflows in wmtv 0.6.5 and earlier may allow local users to gain privileges. | |||||
| CVE-2002-0248 | 1 Wliang | 1 Wmtv | 2008-09-10 | 7.2 HIGH | N/A |
| wmtv 0.6.5 and earlier allows local users to modify arbitrary files via a symlink attack on a configuration file. | |||||
| CVE-2002-0311 | 1 Caldera | 2 Openunix, Unixware | 2008-09-10 | 10.0 HIGH | N/A |
| Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi. | |||||
| CVE-2006-6439 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2008-09-10 | 7.8 HIGH | N/A |
| Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to download the audit log and obtain potentially sensitive information via unspecified vectors. | |||||
| CVE-2006-6434 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2008-09-10 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to bypass authentication controls via unknown vectors. | |||||
| CVE-2006-6441 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2008-09-10 | 4.6 MEDIUM | N/A |
| Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows local users to bypass security controls and boot Alchemy via certain alternate boot media, as demonstrated by a USB thumb drive. | |||||
| CVE-2006-6438 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2008-09-10 | 4.9 MEDIUM | N/A |
| Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO), which allows local users to obtain the data by reading the http.log file. | |||||
| CVE-2006-6437 | 1 Xerox | 1 Workcentre | 2008-09-10 | 7.8 HIGH | N/A |
| ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows attackers to cause a denial of service (application crash and core dump) via a certain PS file. | |||||
| CVE-2006-6436 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2008-09-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Network controller in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to inject arbitrary web script or HTML via HTTP TRACE messages. | |||||
| CVE-2006-6435 | 1 Xerox | 1 Workcentre | 2008-09-10 | 7.5 HIGH | N/A |
| The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allows remote attackers to more easily gain system access and obtain sensitive information via a brute force attack. | |||||
| CVE-2005-4835 | 1 Madwifi | 1 Madwifi | 2008-09-10 | 7.1 HIGH | N/A |
| The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. | |||||
| CVE-2005-4663 | 1 Ocomon | 1 Ocomon | 2008-09-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in OcoMon 1.20, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2005-3290 | 1 Accelerated Enterprise Solutions | 1 Accelerated Mortgage Manager | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field. | |||||