Total
240432 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0032 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
| Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. | |||||
| CVE-1999-0374 | 1 Debian | 1 Debian Linux | 2024-02-04 | 2.1 LOW | N/A |
| Debian GNU/Linux cfengine package is susceptible to a symlink attack. | |||||
| CVE-2000-1137 | 1 Gnu | 1 Ed | 2024-02-04 | 4.6 MEDIUM | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | |||||
| CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2024-02-04 | 4.6 MEDIUM | N/A |
| pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
| CVE-2001-1270 | 1 Pkware | 1 Pkzip | 2024-02-04 | 2.1 LOW | N/A |
| Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files. | |||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2024-02-04 | 10.0 HIGH | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | |||||
| CVE-2002-1106 | 1 Cisco | 1 Vpn Client | 2024-02-04 | 7.5 HIGH | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks. | |||||
| CVE-2002-0535 | 2 Postboard, Postnuke Software Foundation | 2 Postboard, Postnuke | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title. | |||||
| CVE-1999-1057 | 1 Digital | 1 Vms | 2024-02-04 | 4.6 MEDIUM | N/A |
| VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command. | |||||
| CVE-2002-2167 | 1 Thorsten Korner | 1 123tkshop | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null character in the $designNo variable, which is part of an "include" function call. | |||||
| CVE-2001-1061 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
| Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. | |||||
| CVE-2004-2165 | 1 Impressions Games | 1 Lords Of The Realm Iii | 2024-02-04 | 5.0 MEDIUM | N/A |
| Lords of the Realm III 1.01 and earlier, when in the lobby stage, allows remote attackers to cause a denial of service (crash from unallocated memory write) via a long user nickname. | |||||
| CVE-1999-0225 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. | |||||
| CVE-2002-0695 | 1 Microsoft | 2 Data Access Components, Microsoft Data Access Components | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command. | |||||
| CVE-2000-0146 | 1 Novell | 1 Groupwise | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet. | |||||
| CVE-1999-0189 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. | |||||
| CVE-2003-0470 | 1 Symantec | 1 Security Check | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | |||||
| CVE-2003-1007 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. | |||||
| CVE-2000-0970 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability. | |||||
| CVE-2000-0162 | 1 Microsoft | 3 Ie, Internet Explorer, Visual Studio | 2024-02-04 | 5.1 MEDIUM | N/A |
| The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | |||||