Total
253964 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0653 | 1 Sun | 1 Solaris | 2024-02-04 | 2.1 LOW | N/A |
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. | |||||
CVE-2000-1002 | 1 Stalker | 1 Communigate Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks. | |||||
CVE-2003-1155 | 1 X-cd-roast | 1 X-cd-roast | 2024-02-04 | 4.6 MEDIUM | N/A |
X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. | |||||
CVE-1999-0405 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2024-02-04 | 7.2 HIGH | N/A |
A buffer overflow in lsof allows local users to obtain root privilege. | |||||
CVE-2004-2073 | 1 Vserver | 1 Linux-vserver | 2024-02-04 | 7.2 HIGH | N/A |
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command. | |||||
CVE-2000-0879 | 1 Plus Technologies | 1 Lpplus | 2024-02-04 | 2.1 LOW | N/A |
LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services. | |||||
CVE-2002-0611 | 1 Craig Patchett | 1 Fileseek | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered. | |||||
CVE-2003-0456 | 1 Deerfield | 1 Visnetic Website | 2024-02-04 | 5.0 MEDIUM | N/A |
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe. | |||||
CVE-2002-0305 | 1 Zero One Tech | 1 P100s | 2024-02-04 | 5.0 MEDIUM | N/A |
Zero One Tech (ZOT) P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge. | |||||
CVE-2001-0819 | 1 Fetchmail | 1 Fetchmail | 2024-02-04 | 7.5 HIGH | N/A |
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header. | |||||
CVE-2002-0717 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed. | |||||
CVE-2003-0399 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2024-02-04 | 6.4 MEDIUM | N/A |
Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template. | |||||
CVE-2004-0264 | 2 Jim Rees, Shaun2k2 | 2 Jim Rees Httpd, Palmhttpd | 2024-02-04 | 5.0 MEDIUM | N/A |
palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue. | |||||
CVE-2004-0768 | 1 Greg Roelofs | 1 Libpng3 | 2024-02-04 | 7.5 HIGH | N/A |
libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2004-0469 | 1 Checkpoint | 4 Firewall-1, Next Generation, Ng-ai and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. | |||||
CVE-2002-2415 | 1 Alliedtelesyn | 2 At-8024, Rapier 24 | 2024-02-04 | 6.8 MEDIUM | N/A |
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service. | |||||
CVE-1999-0776 | 1 Computer Software Manufaktur | 1 Alibaba | 2024-02-04 | 5.0 MEDIUM | N/A |
Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack. | |||||
CVE-1999-0780 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2024-02-04 | 4.6 MEDIUM | N/A |
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | |||||
CVE-2002-1804 | 1 Npds | 1 Npds | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
CVE-2002-2101 | 1 Microsoft | 1 Outlook | 2024-02-04 | 7.5 HIGH | N/A |
Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag. |