Total
254708 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2024-02-04 | 10.0 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | |||||
| CVE-2001-1299 | 1 Zorbat | 1 Zorbstats | 2024-02-04 | 5.0 MEDIUM | N/A |
| Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2004-0748 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop. | |||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2024-02-04 | 2.1 LOW | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
| CVE-2001-0488 | 1 Hp | 1 Hp-ux | 2024-02-04 | 2.1 LOW | N/A |
| pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service. | |||||
| CVE-2002-0355 | 1 Sgi | 1 Irix | 2024-02-04 | 2.1 LOW | N/A |
| netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. | |||||
| CVE-2003-0801 | 1 Nokia | 1 Electronic Documentation | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script. | |||||
| CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-04 | 1.2 LOW | N/A |
| useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-0665 | 1 Microsoft | 1 Ie | 2024-02-04 | 7.5 HIGH | N/A |
| Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability." | |||||
| CVE-2003-0695 | 1 Openbsd | 1 Openssh | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. | |||||
| CVE-2000-0195 | 1 Corel | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
| setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. | |||||
| CVE-2002-1434 | 1 Kerio | 1 Kerio Mailserver | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs. | |||||
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2024-02-04 | 5.0 MEDIUM | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | |||||
| CVE-2001-0595 | 1 Sun | 1 Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. | |||||
| CVE-2002-0250 | 1 Hp | 7 Advancestack 10base-t Switching Hub J3200a, Advancestack 10base-t Switching Hub J3201a, Advancestack 10base-t Switching Hub J3202a and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
| Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password. | |||||
| CVE-2000-0639 | 1 Sean Macguire | 1 Big Brother | 2024-02-04 | 7.5 HIGH | N/A |
| The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server. | |||||
| CVE-2001-0721 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | |||||
| CVE-2001-0121 | 1 Storagesoft | 1 Imagecast Ic3 | 2024-02-04 | 5.0 MEDIUM | N/A |
| ImageCast Control Center 4.1.0 allows remote attackers to cause a denial of service (resource exhaustion or system crash) via a long string to port 12002. | |||||
| CVE-2002-2054 | 1 Teekai | 1 Teekai Forum | 2024-02-04 | 7.5 HIGH | N/A |
| TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin. | |||||
| CVE-2002-0379 | 1 University Of Washington | 1 Uw-imap | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request. | |||||