Total
253942 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0030 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. | |||||
CVE-2003-0723 | 1 Gkrellm | 1 Gkrellm | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code. | |||||
CVE-2000-0927 | 1 Wquinn | 1 Quotaadvisor | 2024-02-04 | 4.6 MEDIUM | N/A |
WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they are stored in alternative data streams, which allows users to bypass quota restrictions. | |||||
CVE-2004-1681 | 1 Qnx | 2 Photon Microgui, Rtp | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter. | |||||
CVE-2003-0143 | 1 Qualcomm | 1 Qpopper | 2024-02-04 | 10.0 HIGH | N/A |
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name. | |||||
CVE-2002-0352 | 1 Phorum | 1 Phorum | 2024-02-04 | 5.0 MEDIUM | N/A |
Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication. | |||||
CVE-2002-1575 | 1 Mit | 1 Cgiemail | 2024-02-04 | 5.0 MEDIUM | N/A |
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | |||||
CVE-1999-0652 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL." | |||||
CVE-1999-1552 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. | |||||
CVE-2000-0646 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-04 | 5.0 MEDIUM | N/A |
WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred. | |||||
CVE-2001-1195 | 1 Novell | 1 Groupwise | 2024-02-04 | 7.5 HIGH | N/A |
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | |||||
CVE-2000-1023 | 1 Alabanza | 1 Control Panel | 2024-02-04 | 7.5 HIGH | N/A |
The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program. | |||||
CVE-2004-0118 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.2 HIGH | N/A |
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | |||||
CVE-2002-1447 | 1 Cisco | 1 Vpn Client | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument. | |||||
CVE-1999-0247 | 1 Isc | 1 Inn | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. | |||||
CVE-2001-1427 | 1 Macromedia | 1 Coldfusion | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | |||||
CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2024-02-04 | 4.6 MEDIUM | N/A |
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | |||||
CVE-2004-0069 | 1 Hd Soft | 1 Windows Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. | |||||
CVE-2002-2030 | 1 Sqldata | 1 Sqldata Enterprise Server | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows remote attacker to execute arbitrary code and cause a denial of service via a long HTTP request. | |||||
CVE-2004-1571 | 1 Aj-fork | 1 Aj-fork | 2024-02-04 | 5.0 MEDIUM | N/A |
AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-disable-comments.php, (9) filter-by-author.php, (10) format-switcher.php, (11) long-to-short.php, (12) prospective-posting.php, or (13) sort-by-xfield.php, which displays the full path in an error message. |