Total: 93126 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2290 | 1 Mambo | 1 Mambo Site Server | 2024-02-04 | 10.0 HIGH | N/A |
Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges. | |||||
CVE-2004-1932 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter. | |||||
CVE-2003-0731 | 1 Cisco | 4 Ciscoworks Cd1, Ciscoworks Common Management Foundation, Resource Manager and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter. | |||||
CVE-2003-0065 | 1 National University Of Singapore | 1 Uxterm | 2024-02-04 | 7.5 HIGH | N/A |
The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-2001-0171 | 1 Whitsoft | 1 Slimserve | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. | |||||
CVE-2002-0919 | 1 Cgiscript.net | 1 Cspassword | 2024-02-04 | 7.5 HIGH | N/A |
CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page. | |||||
CVE-1999-0455 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 7.5 HIGH | N/A |
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly. | |||||
CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.8 HIGH | N/A |
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
CVE-2004-0265 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules. | |||||
CVE-2002-2294 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). | |||||
CVE-1999-1409 | 2 Netbsd, Sgi | 2 Netbsd, Irix | 2024-02-04 | 2.1 LOW | N/A |
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | |||||
CVE-2002-0761 | 1 Bzip | 1 Bzip2 | 2024-02-04 | 2.1 LOW | N/A |
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended. | |||||
CVE-2003-0933 | 1 Conquest | 1 Conquest | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable. | |||||
CVE-2000-0486 | 1 Cisco | 2 Ios, Tacacs+ | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | |||||
CVE-1999-0044 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. | |||||
CVE-2003-0580 | 1 Ibm | 1 U2 Universe | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument. | |||||
CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | |||||
CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | |||||
CVE-2004-0135 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory. | |||||
CVE-2004-0452 | 1 Larry Wall | 1 Perl | 2024-02-04 | 2.6 LOW | N/A |
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack. |