Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1550 | 1 Centra | 3 Asp, Centraone, Smart Connect | 2024-02-04 | 2.1 LOW | N/A |
CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users. | |||||
CVE-2002-2360 | 1 Webmin | 1 Webmin | 2024-02-04 | 9.3 HIGH | N/A |
The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | |||||
CVE-2002-0496 | 1 Southwest | 1 Southwest | 2024-02-04 | 5.0 MEDIUM | N/A |
The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002. | |||||
CVE-2002-2183 | 1 Phpshare | 1 Phpshare | 2024-02-04 | 7.5 HIGH | N/A |
phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers. | |||||
CVE-2002-1572 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 10.0 HIGH | N/A |
Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | |||||
CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2024-02-04 | 5.0 MEDIUM | N/A |
vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
CVE-2003-1312 | 1 Netegrity | 1 Siteminder | 2024-02-04 | 4.3 MEDIUM | N/A |
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods. | |||||
CVE-2002-0483 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname. | |||||
CVE-2002-0709 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs. | |||||
CVE-2002-2166 | 1 E-zone Media Inc. | 1 Fusetalk | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and web script. | |||||
CVE-2000-0755 | 1 Hp | 1 Openview Network Node Manager | 2024-02-04 | 4.6 MEDIUM | N/A |
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges. | |||||
CVE-1999-0977 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. | |||||
CVE-2001-0659 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet. | |||||
CVE-2004-1348 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). | |||||
CVE-2004-0775 | 1 Widcomm | 2 Bluetooth Communication Software, Btstackserver | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServer 1.3.2.7 and 1.4.2.10, Windows XP and Windows 98 with MSI Bluetooth Dongles, and HP IPAQ 5450 running WinCE 3.0, allows remote attackers to execute arbitrary code via certain service requests. | |||||
CVE-2001-0059 | 1 Sun | 1 Sunos | 2024-02-04 | 6.2 MEDIUM | N/A |
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-1953 | 1 Phprofession | 1 Phprofession | 2024-02-04 | 5.0 MEDIUM | N/A |
phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message. | |||||
CVE-2003-0645 | 1 Andries Brouwer | 1 Man | 2024-02-04 | 4.6 MEDIUM | N/A |
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges. | |||||
CVE-2002-1552 | 1 Novell | 1 Edirectory | 2024-02-04 | 7.5 HIGH | N/A |
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | |||||
CVE-1999-0837 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
Denial of service in BIND by improperly closing TCP sessions via so_linger. |