Total
253878 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0708 | 1 Moinmoin | 1 Moinmoin | 2024-02-04 | 7.5 HIGH | N/A |
MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges. | |||||
CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2024-02-04 | 3.6 LOW | N/A |
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||||
CVE-2004-0696 | 1 4d | 1 Webstar | 2024-02-04 | 5.0 MEDIUM | N/A |
The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. | |||||
CVE-2000-0605 | 1 Blackboard | 1 Courseinfo | 2024-02-04 | 2.1 LOW | N/A |
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords. | |||||
CVE-2001-0055 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2024-02-04 | 5.0 MEDIUM | N/A |
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. | |||||
CVE-1999-1354 | 1 Softarc | 1 Firstclass Internet Server | 2024-02-04 | 4.6 MEDIUM | N/A |
E-mail client in Softarc FirstClass Internet Server 5.506 and earlier stores usernames and passwords in cleartext in the files (1) home.fc for version 5.506, (2) network.fc for version 3.5, or (3) FCCLIENT.LOG when logging is enabled. | |||||
CVE-2001-1030 | 6 Caldera, Immunix, Mandrakesoft and 3 more | 8 Openlinux Server, Immunix, Mandrake Linux and 5 more | 2024-02-04 | 7.5 HIGH | N/A |
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. | |||||
CVE-2001-0269 | 1 Sun | 1 Sunos | 2024-02-04 | 10.0 HIGH | N/A |
pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password. | |||||
CVE-1999-1336 | 1 3com | 1 Hiperarc | 2024-02-04 | 5.0 MEDIUM | N/A |
3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port. | |||||
CVE-2002-1063 | 1 T. Hauck | 1 Jana Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports. | |||||
CVE-1999-0137 | 1 Fred N. Van Kempen | 1 Dip | 2024-02-04 | 7.2 HIGH | N/A |
The dip program on many Linux systems allows local users to gain root access via a buffer overflow. | |||||
CVE-2003-1369 | 1 Save It Software Pty | 1 Bytecatcherftp | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | |||||
CVE-2003-0705 | 1 Nicolas Boullis | 1 Mah-jong | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. | |||||
CVE-2002-0489 | 1 Linux Directory Penguin | 1 Nslookup | 2024-02-04 | 10.0 HIGH | N/A |
Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters. | |||||
CVE-2002-0960 | 1 Voxel | 1 Cbms | 2024-02-04 | 7.5 HIGH | N/A |
Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users. | |||||
CVE-2002-1626 | 1 Mike Spice | 1 My Calendar | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to write arbitrary files via .. (dot dot) sequences in a URL. | |||||
CVE-2001-0389 | 1 Ibm | 2 Net.commerce, Websphere Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument. | |||||
CVE-2001-0382 | 1 Broadcom | 1 Ccc Harvest | 2024-02-04 | 7.5 HIGH | N/A |
Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application. | |||||
CVE-2002-1469 | 1 Scponly | 1 Scponly | 2024-02-04 | 7.5 HIGH | N/A |
scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs. | |||||
CVE-1999-0051 | 3 Globetrotter, Sgi, Sun | 5 Flexlm, Irix, License Oeo and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |