Total
254081 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1358 | 1 Phpheaven | 1 Phpmychat | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | |||||
CVE-2003-0497 | 1 Intersystems | 1 Cache Database | 2024-02-04 | 7.2 HIGH | N/A |
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs. | |||||
CVE-2003-1220 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL. | |||||
CVE-2002-1959 | 1 Nagios | 1 Nagios | 2024-02-04 | 10.0 HIGH | N/A |
Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output. | |||||
CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2024-02-04 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | |||||
CVE-2002-1004 | 1 Argosoft | 1 Argosoft Mail Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | |||||
CVE-2004-1626 | 1 Code-crafters | 1 Ability Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command. | |||||
CVE-1999-1192 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | |||||
CVE-2004-1421 | 1 Whm | 1 Whm Autopilot | 2024-02-04 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) step_two_tables.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the server_inc parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2004-1480 | 1 Hp | 1 Storageworks Command View | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions. | |||||
CVE-1999-0960 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. | |||||
CVE-2004-1322 | 1 Cisco | 1 Unity Server | 2024-02-04 | 7.5 HIGH | N/A |
Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | |||||
CVE-2001-0151 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests. | |||||
CVE-2002-0554 | 1 Ibm | 1 Informix Web Datablade | 2024-02-04 | 7.5 HIGH | N/A |
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request. | |||||
CVE-2004-1897 | 1 Tildeslash | 1 Monit | 2024-02-04 | 5.0 MEDIUM | N/A |
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read. | |||||
CVE-2002-0338 | 1 Ritlabs | 1 The Bat | 2024-02-04 | 5.0 MEDIUM | N/A |
The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name. | |||||
CVE-2002-2027 | 1 Doow | 1 Doow | 2024-02-04 | 7.5 HIGH | N/A |
Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities. | |||||
CVE-2001-0837 | 1 Deltathree | 1 Pc-to-phone | 2024-02-04 | 2.1 LOW | N/A |
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder. | |||||
CVE-1999-1348 | 1 Redhat | 1 Linux | 2024-02-04 | 2.1 LOW | N/A |
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service. | |||||
CVE-2004-0320 | 1 Ncipher | 1 Nshield | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands. |