Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1684 | 1 Zyxel | 2 Prestige, Zynos | 2024-02-04 | 5.0 MEDIUM | N/A |
Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
CVE-2003-1528 | 1 Fujitsu | 1 Siemens Networker | 2024-02-04 | 7.2 HIGH | N/A |
nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. | |||||
CVE-1999-0924 | 1 Allaire | 1 Coldfusion Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. | |||||
CVE-2000-0513 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password. | |||||
CVE-2000-1026 | 1 Lbl | 1 Tcpdump | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands. | |||||
CVE-2003-0703 | 1 Kismac | 1 Kismac | 2024-02-04 | 7.2 HIGH | N/A |
KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh. | |||||
CVE-2004-1785 | 1 Invision Power Services | 1 Invision Board | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable. | |||||
CVE-2004-1336 | 2 Debian, Gentoo | 2 Tetex-bin, Linux | 2024-02-04 | 2.1 LOW | N/A |
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-1568 | 1 Cmg | 1 Wap Gateway | 2024-02-04 | 6.4 MEDIUM | N/A |
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack. | |||||
CVE-2002-1327 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise." | |||||
CVE-2004-0525 | 1 Hp | 1 Integrated Lights-out Firmware | 2024-02-04 | 5.0 MEDIUM | N/A |
HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero. | |||||
CVE-2000-0742 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-04 | 5.0 MEDIUM | N/A |
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability. | |||||
CVE-2001-1189 | 1 Ibm | 1 Websphere Application Server | 2024-02-04 | 4.6 MEDIUM | N/A |
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. | |||||
CVE-2002-2023 | 1 Yamaguchi | 1 Shingo Beep2 | 2024-02-04 | 2.1 LOW | N/A |
The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors. | |||||
CVE-2002-1410 | 2 Ben Chivers, Easy Scripts Archive | 2 Ben Chivers Guestbook, Easy Guestbook | 2024-02-04 | 7.5 HIGH | N/A |
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi. | |||||
CVE-2003-0333 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. | |||||
CVE-2003-1495 | 1 Hp | 3 Insight Management Suite, Insight Manager, Remote Diagnostics Enabling Agent | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. | |||||
CVE-2002-1957 | 1 Pen | 1 Pen | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages. | |||||
CVE-1999-1146 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges. | |||||
CVE-2002-0803 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 5.0 MEDIUM | N/A |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi. |