Total
254009 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1513 | 1 Compaq | 1 Tcp-ip Services | 2024-02-04 | 4.6 MEDIUM | N/A |
| The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges. | |||||
| CVE-2002-0436 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 10.0 HIGH | N/A |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. | |||||
| CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | |||||
| CVE-2004-2218 | 1 Phpmywebhosting | 1 Phpmywebhosting | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | |||||
| CVE-2001-0816 | 1 Openbsd | 1 Openssh | 2024-02-04 | 7.5 HIGH | N/A |
| OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. | |||||
| CVE-2002-0125 | 1 Clanlib | 1 Clanlib | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable. | |||||
| CVE-1999-0992 | 1 Hp | 1 Vvos | 2024-02-04 | 10.0 HIGH | N/A |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). | |||||
| CVE-2000-0375 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
| The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files. | |||||
| CVE-2004-2226 | 1 Mozilla | 1 Thunderbird | 2024-02-04 | 5.0 MEDIUM | N/A |
| Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server. | |||||
| CVE-2002-2240 | 1 Myserver | 1 Myserver | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. | |||||
| CVE-2000-0191 | 1 Axis | 1 Storpoint Cd | 2024-02-04 | 10.0 HIGH | N/A |
| Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack. | |||||
| CVE-2002-1883 | 1 Trolltech | 1 Qt Assistant | 2024-02-04 | 6.4 MEDIUM | N/A |
| Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service. | |||||
| CVE-2004-1182 | 1 Hylafax | 1 Hylafax | 2024-02-04 | 7.5 HIGH | N/A |
| hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password. | |||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2024-02-04 | 7.5 HIGH | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | |||||
| CVE-2001-0926 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
| SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement. | |||||
| CVE-2000-0352 | 1 University Of Washington | 1 Pine | 2024-02-04 | 10.0 HIGH | N/A |
| Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL. | |||||
| CVE-2002-1492 | 1 Cisco | 1 Vpn 5000 Client | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel. | |||||
| CVE-2003-0299 | 2 Mutt, Stuart Parmenter | 2 Mutt, Balsa | 2024-02-04 | 7.5 HIGH | N/A |
| The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. | |||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2024-02-04 | 2.1 LOW | N/A |
| ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | |||||
| CVE-2000-0149 | 1 Zeus Technologies | 1 Zeus Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL. | |||||