Total
254047 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2024-02-04 | 10.0 HIGH | N/A |
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
CVE-2003-0033 | 1 Snort | 1 Snort | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. | |||||
CVE-1999-0411 | 1 Sco | 1 Openserver | 2024-02-04 | 7.2 HIGH | N/A |
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. | |||||
CVE-2001-0918 | 1 Suse | 1 Suse Linux | 2024-02-04 | 5.1 MEDIUM | N/A |
Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely. | |||||
CVE-2003-0245 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. | |||||
CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
CVE-2001-1129 | 1 Progress | 1 Progress | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable. | |||||
CVE-2003-0592 | 1 Kde | 2 Konqueror, Konqueror Embedded | 2024-02-04 | 7.5 HIGH | N/A |
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
CVE-2002-0626 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-02-04 | 10.0 HIGH | N/A |
Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities. | |||||
CVE-2001-0629 | 1 Hp | 1 Openview Network Node Manager | 2024-02-04 | 10.0 HIGH | N/A |
HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter. | |||||
CVE-2003-1103 | 1 Hummingbird | 1 Cyberdocs | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands. | |||||
CVE-2003-0615 | 3 Cgi.pm, Debian, Openpkg | 3 Cgi.pm, Debian Linux, Openpkg | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | |||||
CVE-2001-0818 | 1 Marty Bochane | 1 Mdbms | 2024-02-04 | 7.5 HIGH | N/A |
A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data. | |||||
CVE-2004-0321 | 1 Singularity Software | 1 Team Factor | 2024-02-04 | 5.0 MEDIUM | N/A |
Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory. | |||||
CVE-2000-0662 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED). | |||||
CVE-2003-0866 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests. | |||||
CVE-2003-1490 | 1 Sonicwall | 3 Pro100, Pro200, Pro300 | 2024-02-04 | 7.8 HIGH | N/A |
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | |||||
CVE-2003-0730 | 2 Netbsd, Xfree86 Project | 2 Netbsd, X11r6 | 2024-02-04 | 7.5 HIGH | N/A |
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||||
CVE-2001-1059 | 1 Vmware | 1 Workstation | 2024-02-04 | 3.6 LOW | N/A |
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. | |||||
CVE-2001-0688 | 1 Transsoft | 1 Broker Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. |