Total
254020 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0018 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.6 LOW | N/A |
| Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. | |||||
| CVE-2003-0993 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
| mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2002-0974 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 5.0 MEDIUM | N/A |
| Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm. | |||||
| CVE-2002-2252 | 1 Atthat.com | 1 Thatware | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. | |||||
| CVE-1999-1532 | 1 Netscape | 1 Messaging Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. | |||||
| CVE-2000-0487 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 3.6 LOW | N/A |
| The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. | |||||
| CVE-2002-0467 | 2 Ecartis, Listar | 2 Ecartis, Listar | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c. | |||||
| CVE-1999-1328 | 1 Redhat | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
| linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack. | |||||
| CVE-2003-1488 | 1 Truelogik | 1 Truegalerie | 2024-02-04 | 6.4 MEDIUM | N/A |
| The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1. | |||||
| CVE-1999-0656 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
| The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | |||||
| CVE-1999-0736 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-2000-0540 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
| JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information. | |||||
| CVE-2003-1473 | 1 Lgames | 1 Ltris | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable. | |||||
| CVE-2002-0377 | 1 Rob Flynn | 1 Gaim | 2024-02-04 | 2.1 LOW | N/A |
| Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. | |||||
| CVE-2003-0155 | 1 Mozilla | 1 Bonsai | 2024-02-04 | 5.0 MEDIUM | N/A |
| bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. | |||||
| CVE-2003-0455 | 1 Imagemagick | 1 Libmagick Library | 2024-02-04 | 4.6 MEDIUM | N/A |
| The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files. | |||||
| CVE-2001-1182 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. | |||||
| CVE-2004-1757 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges. | |||||
| CVE-2001-0414 | 1 Dave Mills | 2 Ntpd, Xntp3 | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument. | |||||
| CVE-2001-1166 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. | |||||