Total: 254016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0897 | 1 Microsoft | 1 Windows Xp | 2024-02-04 | 4.6 MEDIUM | N/A |
"Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications. | |||||
CVE-2001-0634 | 1 Sun | 1 Chilisoft | 2024-02-04 | 7.2 HIGH | N/A |
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service. | |||||
CVE-1999-0519 | 1 Microsoft | 4 Outlook, Windows 2000, Windows 95 and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
A NETBIOS/SMB share password is the default, null, or missing. | |||||
CVE-2001-0318 | 1 Proftpd Project | 1 Proftpd | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | |||||
CVE-2003-0609 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. | |||||
CVE-2001-1066 | 1 Sun | 1 Solaris | 2024-02-04 | 2.1 LOW | N/A |
ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-1847 | 1 Expinion.net | 1 News Manager Lite | 2024-02-04 | 7.5 HIGH | N/A |
News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie. | |||||
CVE-2003-1183 | 1 Oracle | 1 Oracle Files | 2024-02-04 | 4.6 MEDIUM | N/A |
The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access. | |||||
CVE-2002-0487 | 1 Workforceroi | 1 Xpede | 2024-02-04 | 4.6 MEDIUM | N/A |
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache. | |||||
CVE-2004-0199 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-02-04 | 5.1 MEDIUM | N/A |
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). | |||||
CVE-2001-0711 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | |||||
CVE-2002-0518 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 5.0 MEDIUM | N/A |
The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | |||||
CVE-1999-0508 | | | 2024-02-04 | 4.6 MEDIUM | N/A |
An account on a router, firewall, or other network device has a default, null, blank, or missing password. | |||||
CVE-2001-0508 | 1 Microsoft | 1 Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request. | |||||
CVE-1999-0820 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands. | |||||
CVE-2002-1952 | 1 Phprank | 1 Phprank | 2024-02-04 | 7.5 HIGH | N/A |
phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable. | |||||
CVE-2000-0164 | 1 Sun | 1 Solaris Isp Server | 2024-02-04 | 7.2 HIGH | N/A |
The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. | |||||
CVE-2002-0743 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. | |||||
CVE-2001-1542 | 1 Network Associates | 1 Webshield Smtp | 2024-02-04 | 7.5 HIGH | N/A |
NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments. | |||||
CVE-2003-1290 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 5.0 MEDIUM | N/A |
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI). |