Total
254020 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1372 | 1 Oracle | 1 Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message. | |||||
| CVE-2004-2234 | 1 Moodle | 1 Moodle | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | |||||
| CVE-2003-1038 | 1 Sap | 1 Internet Transaction Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames. | |||||
| CVE-1999-0148 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
| The handler CGI program in IRIX allows arbitrary command execution. | |||||
| CVE-2004-0710 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
| IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
| CVE-2004-0813 | 1 Ide-cd | 1 Ide-cd | 2024-02-04 | 2.1 LOW | N/A |
| Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations. | |||||
| CVE-2003-0265 | 1 Sap | 1 Sap Db | 2024-02-04 | 6.2 MEDIUM | N/A |
| Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed. | |||||
| CVE-1999-1388 | 1 Sun | 1 Sunos | 2024-02-04 | 6.2 MEDIUM | N/A |
| passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument. | |||||
| CVE-2003-1517 | 1 Dansie | 1 Shopping Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
| cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. | |||||
| CVE-2002-0995 | 1 Gianluca Baldo | 1 Phpauction | 2024-02-04 | 7.5 HIGH | N/A |
| login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. | |||||
| CVE-1999-0152 | 1 Data General | 1 Dg Ux | 2024-02-04 | 7.5 HIGH | N/A |
| The DG/UX finger daemon allows remote command execution through shell metacharacters. | |||||
| CVE-2002-1866 | 1 Sws | 1 Sws Simple Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attackers to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist. | |||||
| CVE-2001-1394 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service. | |||||
| CVE-2002-1524 | 1 Nullsoft | 1 Winamp | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag. | |||||
| CVE-2002-1663 | 1 Monkey-project | 1 Monkey | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value. | |||||
| CVE-2000-1216 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine. | |||||
| CVE-2004-0938 | 1 Freeradius | 1 Freeradius | 2024-02-04 | 5.0 MEDIUM | N/A |
| FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | |||||
| CVE-1999-0937 | 2024-02-04 | 10.0 HIGH | N/A | ||
| BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. | |||||
| CVE-2002-0336 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large number of / (slash), * (wildcard), and .. characters. | |||||
| CVE-2002-0331 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||||