Total
236722 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1458 | 1 Novell | 1 Groupwise | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character. | |||||
| CVE-1999-0197 | 2024-02-04 | 10.0 HIGH | N/A | ||
| finger 0@host on some systems may print information on some user accounts. | |||||
| CVE-2001-0674 | 1 Robtex | 1 Viking Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. | |||||
| CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | |||||
| CVE-2004-0808 | 1 Samba | 1 Samba | 2024-02-04 | 5.0 MEDIUM | N/A |
| The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | |||||
| CVE-2004-2232 | 1 Moodle | 1 Moodle | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | |||||
| CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2024-02-04 | 2.1 LOW | N/A |
| Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | |||||
| CVE-2002-2414 | 2 Opera Software, Squid | 2 Opera, Squid | 2024-02-04 | 4.3 MEDIUM | N/A |
| Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | |||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2024-02-04 | 2.1 LOW | N/A |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2002-1113 | 1 Mantis | 1 Mantis | 2024-02-04 | 7.5 HIGH | N/A |
| summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code. | |||||
| CVE-2002-0697 | 1 Microsoft | 1 Metadirectory Services | 2024-02-04 | 10.0 HIGH | N/A |
| Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials. | |||||
| CVE-2004-0393 | 1 Rlpr | 1 Rlpr | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function. | |||||
| CVE-2003-0255 | 1 Gnu | 1 Privacy Guard | 2024-02-04 | 10.0 HIGH | N/A |
| The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. | |||||
| CVE-2002-1451 | 1 Desiderata Software | 1 Blazix | 2024-02-04 | 5.0 MEDIUM | N/A |
| Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character. | |||||
| CVE-1999-0834 | 1 Rsa | 1 Rsaref | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | |||||
| CVE-2002-1427 | 1 Easy Scripts Archive | 2 Advanced Easy Homepage Creator, Easy Homepage Creator | 2024-02-04 | 7.5 HIGH | N/A |
| The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users. | |||||
| CVE-2004-1372 | 1 Ibm | 1 Db2 Universal Database | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. | |||||
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2024-02-04 | 5.0 MEDIUM | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2002-1859 | 1 Orionserver | 1 Orion Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||