Total
254273 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1121 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges. | |||||
CVE-2001-1518 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 2.1 LOW | N/A |
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability. | |||||
CVE-2004-1728 | 1 British National Corpus | 1 Sara | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | |||||
CVE-2002-2298 | 1 Atthat.com | 1 Thatware | 2024-02-04 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in config.php in Thatware 0.3 through 0.5.3 allows remote attackers to execute arbitrary PHP code via the root_path parameter. | |||||
CVE-2001-0803 | 1 Open Group | 1 Cde Common Desktop Environment | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-0756 | 1 Microsoft | 1 Outlook | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service. | |||||
CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
CVE-2003-0088 | 1 Apple | 1 Mac Os X | 2024-02-04 | 7.2 HIGH | N/A |
TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | |||||
CVE-1999-1278 | 1 Nlog | 1 Nlog | 2024-02-04 | 7.5 HIGH | N/A |
nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl. | |||||
CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.7 LOW | N/A |
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
CVE-2002-0091 | 1 Nswc | 1 Cider Shadow | 2024-02-04 | 7.5 HIGH | N/A |
Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields. | |||||
CVE-2002-1628 | 1 Mike Spice | 1 Mikes Vote Cgi | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter. | |||||
CVE-2002-2186 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL. | |||||
CVE-2004-0268 | 1 Evolutionx | 1 Evolutionx | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote attackers to cause a denial of service (hang) via (1) a long cd command to the FTP server, or (2) a long dir command to the telnet server. | |||||
CVE-2000-0525 | 1 Openbsd | 1 Openssh | 2024-02-04 | 10.0 HIGH | N/A |
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon. | |||||
CVE-2003-1315 | 1 Neocrome | 1 Land Down Under | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | |||||
CVE-2002-0054 | 1 Microsoft | 2 Exchange Server, Windows 2000 | 2024-02-04 | 7.5 HIGH | N/A |
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. | |||||
CVE-2000-0696 | 1 Sun | 1 Solaris Answerbook2 | 2024-02-04 | 7.5 HIGH | N/A |
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. | |||||
CVE-2002-2214 | 1 Php | 1 Php | 2024-02-04 | 5.0 MEDIUM | N/A |
The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | |||||
CVE-2000-1175 | 1 Jan Hubicka | 1 Koules | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument. |