Total
253987 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-0292 | 1 Karjasoft | 1 Sami Http Server | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | |||||
CVE-2000-0771 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 2.1 LOW | N/A |
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | |||||
CVE-2002-0380 | 1 Lbl | 1 Tcpdump | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet. | |||||
CVE-1999-0672 | 1 Fujitsu | 1 Chocoa | 2024-02-04 | 5.1 MEDIUM | N/A |
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. | |||||
CVE-1999-0237 | 1 Webcom | 1 Cgi Guestbook | 2024-02-04 | 7.5 HIGH | N/A |
Remote execution of arbitrary commands through Guestbook CGI program. | |||||
CVE-1999-0766 | 1 Microsoft | 2 Internet Explorer, Java Virtual Machine | 2024-02-04 | 9.3 HIGH | N/A |
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. | |||||
CVE-2000-0516 | 1 Intel | 1 Shiva Access Manager | 2024-02-04 | 7.2 HIGH | N/A |
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server. | |||||
CVE-2002-0716 | 1 Sco | 1 Openserver | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. | |||||
CVE-2003-0746 | 1 Hp | 1 Openview | 2024-02-04 | 5.0 MEDIUM | N/A |
Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such as the Blaster/MSblast/LovSAN worm. | |||||
CVE-2001-0254 | 1 Fastream | 1 Ftp\+\+ Server | 2024-02-04 | 5.0 MEDIUM | N/A |
FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command. | |||||
CVE-2004-1422 | 1 Whm | 1 Whm Autopilot | 2024-02-04 | 5.0 MEDIUM | N/A |
WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo, which reveals php settings. | |||||
CVE-2002-2159 | 1 Linksys | 3 Befsr11, Befsr41, Befsru31 | 2024-02-04 | 10.0 HIGH | N/A |
Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | |||||
CVE-2002-2022 | 1 Kaffe | 1 Kaffe Openvm | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute. | |||||
CVE-1999-1123 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. | |||||
CVE-2004-1658 | 1 Kerio | 1 Personal Firewall | 2024-02-04 | 4.6 MEDIUM | N/A |
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. | |||||
CVE-2001-0545 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. | |||||
CVE-2004-0034 | 1 Phorum | 1 Phorum | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php. | |||||
CVE-2002-0563 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and Oracle Java Process Manager (7) oprocmgr-status and (8) oprocmgr-service, which can be used to control Java processes. | |||||
CVE-2003-0732 | 1 Cisco | 4 Ciscoworks Cd1, Ciscoworks Common Management Foundation, Resource Manager and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages. |