Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2024-02-04 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||||
CVE-1999-0282 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2004-0779 | 2 Firebirdsql, Mozilla | 3 Firebird, Firefox, Mozilla | 2024-02-04 | 7.5 HIGH | N/A |
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. | |||||
CVE-2004-0448 | 1 Jftpgw | 1 Jftpgw | 2024-02-04 | 10.0 HIGH | N/A |
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages. | |||||
CVE-2002-2407 | 1 Qnx | 1 Rtos | 2024-02-04 | 6.9 MEDIUM | N/A |
Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) phshutdown by QNX experimental patches, (5) cpim, (6) vpim, (7) phrelaycfg, and (8) columns, (9) othello, (10) peg, (11) solitaire, and (12) vpoker in the games pack 2.0.3, which allows local users to gain privileges by modifying the files before permissions are changed. | |||||
CVE-2002-0451 | 1 Phpprojekt | 1 Phpprojekt | 2024-02-04 | 7.5 HIGH | N/A |
filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter. | |||||
CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | |||||
CVE-2003-0510 | 1 Ezbounce | 1 Ezbounce | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command. | |||||
CVE-2004-1369 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory. | |||||
CVE-2004-1819 | 1 Warpspeed | 1 4nalbum Module | 2024-02-04 | 5.0 MEDIUM | N/A |
4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to obtain sensitive information via a direct request to displaycategory.php, which reveals the path in an error message. | |||||
CVE-1999-0174 | 1 Netscape | 1 Communicator | 2024-02-04 | 6.4 MEDIUM | N/A |
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2000-0270 | 1 Gnu | 1 Emacs | 2024-02-04 | 3.6 LOW | N/A |
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
CVE-2001-0366 | 1 Sap | 2 Sap R 3 Web Application Server Demo, Saposcol | 2024-02-04 | 7.2 HIGH | N/A |
saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program. | |||||
CVE-2003-1061 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 1.2 LOW | N/A |
Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines. | |||||
CVE-2002-1396 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
CVE-2002-0459 | 1 Linux-sottises | 2 Board-tnk, News-tnk | 2024-02-04 | 7.6 HIGH | N/A |
Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | |||||
CVE-2003-0905 | 1 Microsoft | 1 Windows Media Services | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets. | |||||
CVE-2004-0089 | 1 Apple | 1 Mac Os X | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | |||||
CVE-1999-1488 | 1 Ibm | 1 System Data Repository | 2024-02-04 | 5.0 MEDIUM | N/A |
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. | |||||
CVE-2001-0176 | 1 Voyant Technologies | 1 Sonata | 2024-02-04 | 7.2 HIGH | N/A |
The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges. |