Total: 254016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0577 | 1 Sco | 1 Openserver | 2024-02-04 | 7.2 HIGH | N/A |
recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument. | |||||
CVE-2001-1051 | 1 Dark Hart Portal | 1 Darkportal-unix | 2024-02-04 | 7.5 HIGH | N/A |
Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
CVE-2004-1585 | 1 Jera Technology | 1 Flash Messaging | 2024-02-04 | 5.0 MEDIUM | N/A |
Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters. | |||||
CVE-2001-0320 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 10.0 HIGH | N/A |
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allow remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument. | |||||
CVE-2003-0733 | 1 Bea | 3 Liquid Data, Weblogic Integration, Weblogic Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application. | |||||
CVE-2002-1770 | 1 Qualcomm | 1 Eudora | 2024-02-04 | 5.0 MEDIUM | N/A |
Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. | |||||
CVE-2003-0766 | 1 Ftp Desktop | 1 Ftp Desktop | 2024-02-04 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command. | |||||
CVE-2001-1579 | 1 Sco | 2 Open Unix, Unixware | 2024-02-04 | 5.0 MEDIUM | N/A |
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. | |||||
CVE-2004-2167 | 1 Latex2rtf | 1 Latex2rtf | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand. | |||||
CVE-2000-0263 | 1 Redhat | 1 Linux | 2024-02-04 | 2.1 LOW | N/A |
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. | |||||
CVE-2002-0591 | 1 Aol | 1 Instant Messenger | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename. | |||||
CVE-1999-1525 | 1 Macromedia | 1 Shockwave Flash Plugin | 2024-02-04 | 5.1 MEDIUM | N/A |
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie. | |||||
CVE-2000-0957 | 1 Pam Mysql | 1 Pam Mysql | 2024-02-04 | 7.5 HIGH | N/A |
The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes. | |||||
CVE-2003-0289 | 1 Cdrtools | 1 Cdrecord | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter. | |||||
CVE-2002-1369 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2024-02-04 | 10.0 HIGH | N/A |
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2000-0712 | 1 Lids | 1 Lids | 2024-02-04 | 7.2 HIGH | N/A |
Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option. | |||||
CVE-2001-1093 | 1 Compaq | 1 Tru64 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument. | |||||
CVE-2002-2037 | 1 Cisco | 5 Bams, Pgw 2200, Sc2200 and 2 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities. | |||||
CVE-1999-0989 | 1 Microsoft | 1 Ie | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | |||||
CVE-2004-0427 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call. | |||||