ReportizFlow
Filtered by vendor
Subscriptions
Total
29889 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1732 | 1 Actinic | 1 Actinic Catalog | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl. | ||||
| CVE-2002-1780 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2025-04-03 | N/A |
| BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves. | ||||
| CVE-2002-1847 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | N/A |
| Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability. | ||||
| CVE-2005-2463 | 1 Kayako | 1 Liveresponse | 2025-04-03 | N/A |
| Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message. | ||||
| CVE-2003-0777 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2025-04-03 | N/A |
| saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault). | ||||
| CVE-1999-0681 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2025-04-03 | N/A |
| Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | ||||
| CVE-2005-0963 | 1 Toshiba | 1 Acpi Flash Bios | 2025-04-03 | N/A |
| An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges. | ||||
| CVE-2003-0269 | 1 Youbin | 1 Youbin | 2025-04-03 | N/A |
| Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. | ||||
| CVE-2003-0324 | 1 Epic | 1 Epic4 | 2025-04-03 | N/A |
| Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, or (2) Statusbar capability. | ||||
| CVE-2003-0338 | 1 Wsmp3 | 2 Wsmp3 Daemon, Wsmp3 Web Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. | ||||
| CVE-2003-0410 | 1 Analogx | 1 Proxy | 2025-04-03 | N/A |
| Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588. | ||||
| CVE-2003-0419 | 1 Smc Networks | 1 Barricade Wireless Cable Dsl Broadband Router | 2025-04-03 | N/A |
| SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to cause a denial of service via certain packets to PPTP port 1723 on the internal interface. | ||||
| CVE-2003-0420 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | N/A |
| Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. | ||||
| CVE-2003-0424 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi. | ||||
| CVE-2003-0437 | 1 Mnogosearch | 1 Mnogosearch | 2025-04-03 | N/A |
| Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter. | ||||
| CVE-2003-0446 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. | ||||
| CVE-2003-0447 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. | ||||
| CVE-2003-0473 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications. | ||||
| CVE-2003-0477 | 1 Wzdftpd | 1 Wzdftpd | 2025-04-03 | N/A |
| wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command without an argument. | ||||
| CVE-2003-0483 | 1 Xmb Forum | 1 Xmb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php. | ||||