| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files using a different application. |
| Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries. |
| SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. |
| Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is not cleansed by PHP-Nuke. |
| BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information. |
| The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. |
| The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. |
| SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered. |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." |
| Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session. |
| Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail. |
| The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." |
| Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, which triggers a null pointer dereference. |
| create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. |
| Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter. |
| Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. |
| The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device. |
| The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller. |
| Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. |
| The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session. |