Total
254017 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1106 | 1 Kde | 1 Kde | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | |||||
| CVE-2004-1588 | 1 Gosmart | 1 Gosmart Message Board | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp. | |||||
| CVE-2004-2161 | 1 Tutos | 1 Tutos | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | |||||
| CVE-2001-1144 | 1 Mcafee | 1 Asap Virusscan | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||||
| CVE-1999-1345 | 1 Auto Ftp | 1 Auto Ftp | 2024-02-04 | 4.6 MEDIUM | N/A |
| Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred. | |||||
| CVE-2001-1036 | 2 Gnu, Slackware | 2 Findutils, Slackware Linux | 2024-02-04 | 7.2 HIGH | N/A |
| GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | |||||
| CVE-2003-0043 | 1 Apache | 1 Tomcat | 2024-02-04 | 5.0 MEDIUM | N/A |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. | |||||
| CVE-2002-0294 | 1 Alcatel-lucent | 1 Omnipcx | 2024-02-04 | 2.1 LOW | N/A |
| Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system. | |||||
| CVE-2002-0583 | 1 Workforceroi | 1 Xpede | 2024-02-04 | 5.0 MEDIUM | N/A |
| WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | |||||
| CVE-2004-2132 | 1 Pj Cgi Neo Review | 1 Pj Cgi Neo Review | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. | |||||
| CVE-2001-1402 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
| Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi. | |||||
| CVE-2001-0686 | 1 Sun | 1 Solaris | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable. | |||||
| CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | |||||
| CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
| Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | |||||
| CVE-2003-1356 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | |||||
| CVE-2003-1455 | 1 Poptop | 1 Pptp Server | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code. | |||||
| CVE-2004-0317 | 1 Platform | 1 Lsf | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long LSF_From_PC parameter. | |||||
| CVE-2004-1581 | 1 Blackboard | 1 Blackboard | 2024-02-04 | 5.0 MEDIUM | N/A |
| BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | |||||
| CVE-2003-0945 | 1 Sap | 1 Sap Db | 2024-02-04 | 7.5 HIGH | N/A |
| The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities. | |||||
| CVE-2000-0736 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message. | |||||