Total
253930 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1446 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 2.1 LOW | N/A |
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays. | |||||
CVE-1999-1213 | 1 Hp | 1 Hp-ux | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service. | |||||
CVE-2003-0054 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2024-02-04 | 7.5 HIGH | N/A |
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | |||||
CVE-1999-0618 | 2024-02-04 | 10.0 HIGH | N/A | ||
The rexec service is running. | |||||
CVE-2002-1342 | 1 Smb2www | 1 Smb2www | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary commands. | |||||
CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 7 Linux, Debian Linux, Freebsd and 4 more | 2024-02-04 | 7.2 HIGH | N/A |
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||||
CVE-2001-0696 | 1 Netwin | 1 Surgeftp | 2024-02-04 | 5.0 MEDIUM | N/A |
NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con. | |||||
CVE-2003-0612 | 1 Robert Hyatt | 1 Crafty | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin. | |||||
CVE-2001-0423 | 1 Sun | 1 Solaris | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. | |||||
CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | |||||
CVE-2001-0825 | 1 Xinetd | 1 Xinetd | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. | |||||
CVE-2001-0854 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user. | |||||
CVE-2003-0016 | 1 Apache | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. | |||||
CVE-2001-0600 | 1 Lotus | 1 Domino R5 Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding, (4) Accept-Language, and (5) Content-Type. | |||||
CVE-2002-1155 | 1 Redhat | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | |||||
CVE-2001-0396 | 1 Lightwave | 1 Consoleserver | 2024-02-04 | 5.0 MEDIUM | N/A |
The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users. | |||||
CVE-2003-0150 | 1 Oracle | 1 Mysql | 2024-02-04 | 9.0 HIGH | N/A |
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf. | |||||
CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2024-02-04 | 7.2 HIGH | N/A |
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
CVE-2004-1997 | 2 Kolab, Openpkg | 2 Kolab Groupware Server, Openpkg | 2024-02-04 | 4.6 MEDIUM | N/A |
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges. | |||||
CVE-2003-0463 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. |