Total
254016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1180 | 1 Oreilly | 2 Website, Website Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat. | |||||
CVE-2002-0332 | 1 Xtell | 1 Xtell | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | |||||
CVE-1999-0530 | 2024-02-04 | 10.0 HIGH | N/A | ||
A system is operating in "promiscuous" mode which allows it to perform packet sniffing. | |||||
CVE-2001-1407 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug. | |||||
CVE-2004-1791 | 1 Edimax | 1 Full Rate Adsl Router | 2024-02-04 | 7.5 HIGH | N/A |
The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. | |||||
CVE-2003-0163 | 1 Gaim-encryption | 1 Gaim-encryption | 2024-02-04 | 5.0 MEDIUM | N/A |
decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte. | |||||
CVE-2004-1590 | 1 Clientexec | 1 Clientexec | 2024-02-04 | 5.0 MEDIUM | N/A |
Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function. | |||||
CVE-2000-0752 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments. | |||||
CVE-2003-0360 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2003-0786 | 1 Openbsd | 1 Openssh | 2024-02-04 | 10.0 HIGH | N/A |
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. | |||||
CVE-1999-0504 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 7.5 HIGH | N/A |
A Windows NT local user or administrator account has a default, null, blank, or missing password. | |||||
CVE-1999-0712 | 1 Caldera | 2 Coas, Openlinux | 2024-02-04 | 2.1 LOW | N/A |
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. | |||||
CVE-2003-1550 | 1 Xoops | 1 Xoops | 2024-02-04 | 5.0 MEDIUM | N/A |
XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message. | |||||
CVE-2003-0647 | 1 Cisco | 1 Ios | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | |||||
CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | |||||
CVE-2002-1250 | 1 Abuse | 1 Abuse | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument. | |||||
CVE-2002-0042 | 1 Sgi | 1 Irix | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS. | |||||
CVE-2000-0506 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 10.0 HIGH | N/A |
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability." | |||||
CVE-2001-0831 | 1 Oracle | 1 Database Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access. | |||||
CVE-2003-0862 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0813. Reason: This candidate is a duplicate of CVE-2003-0813. Notes: All CVE users should reference CVE-2003-0813 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. |