|
313731
|
7.8 |
HIGH
Local
|
hp
|
chaivm_ezloader
|
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2002-1796
|
2024-02-9 05:47 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313732
|
7.5 |
HIGH
Network
|
microsoft
|
windows_nt
windows_2000
|
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS re…
|
CWE-346
Origin Validation Error
|
CVE-2001-1452
|
2024-02-9 05:47 |
2001-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313733
|
9.8 |
CRITICAL
Network
|
microsoft
|
windows_nt
windows_xp
windows_2000
windows_98
windows_98se
|
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts th…
|
CWE-346
Origin Validation Error
|
CVE-2000-1218
|
2024-02-9 05:47 |
2000-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313734
|
7.5 |
HIGH
Network
|
thekelleys
|
dnsmasq
|
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
|
CWE-346
Origin Validation Error
|
CVE-2005-0877
|
2024-02-9 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313735
|
8.8 |
HIGH
Network
|
phpnuke
|
php-nuke
|
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.
|
CWE-352
Origin Validation Error
|
CVE-2004-1842
|
2024-02-9 05:46 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313736
|
6.5 |
MEDIUM
Network
|
fusetalk
|
fusetalk
|
Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.
|
CWE-352
Origin Validation Error
|
CVE-2004-1995
|
2024-02-9 05:46 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313737
|
8.8 |
HIGH
Network
|
fusionphp
|
fusion_news
|
Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is …
|
CWE-352
Origin Validation Error
|
CVE-2004-1703
|
2024-02-9 05:46 |
2004-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313738
|
8.8 |
HIGH
Network
|
openbb
|
openbb
|
Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0…
|
CWE-352
Origin Validation Error
|
CVE-2004-1967
|
2024-02-9 05:46 |
2004-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313739
|
7.8 |
HIGH
Local
|
lynx_project
|
lynx
|
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL tha…
|
CWE-346
Origin Validation Error
|
CVE-1999-1549
|
2024-02-9 05:46 |
1999-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313740
|
7.5 |
HIGH
Network
|
cisco
|
ip_phone_7940_firmware
ip_phone_7960_firmware
|
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages suc…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2005-2181
|
2024-02-9 05:45 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
