Total
240530 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1542 | 1 Raven Software | 1 Soldier Of Fortune | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply. | |||||
| CVE-2002-2126 | 1 Pedestal Software | 1 Integrity Protection Driver | 2024-02-04 | 2.1 LOW | N/A |
| restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time. | |||||
| CVE-2002-2090 | 1 Caucho Technology | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
| Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp. | |||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | |||||
| CVE-2002-1161 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1380. Reason: This candidate is a reservation duplicate of CVE-2002-1380. Notes: none. | |||||
| CVE-2004-2142 | 1 Jorg Schilling | 1 Sdd | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability in the remote tape support (remote.c) in the RMT client for Jorg Schilling sdd 1.28 and 1.31 has unknown impact and attack vectors. | |||||
| CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | |||||
| CVE-1999-1306 | 1 Cisco | 1 Ios | 2024-02-04 | 7.5 HIGH | N/A |
| Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | |||||
| CVE-1999-1084 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 4.6 MEDIUM | N/A |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | |||||
| CVE-2002-0148 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. | |||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | |||||
| CVE-2004-1849 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html. | |||||
| CVE-2002-0225 | 1 Cisco | 1 Tacacs\+ | 2024-02-04 | 4.6 MEDIUM | N/A |
| tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files. | |||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | |||||
| CVE-1999-1461 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
| inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program. | |||||
| CVE-2003-1337 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2004-0154 | 1 Nfs | 1 Nfs-utils | 2024-02-04 | 5.0 MEDIUM | N/A |
| rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name. | |||||
| CVE-2004-1497 | 1 Minihttpserver.net | 1 Web Forums Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. | |||||
| CVE-2004-1872 | 1 Webct | 1 Webct | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag. | |||||
| CVE-2004-0872 | 1 Opera | 1 Opera Browser | 2024-02-04 | 5.0 MEDIUM | N/A |
| Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||