Total
254240 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||||
CVE-2004-0678 | 1 12planet | 1 Chat Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter. | |||||
CVE-2004-2203 | 1 Ansel | 1 Ansel | 2024-02-04 | 7.5 HIGH | N/A |
Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories. | |||||
CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.5 HIGH | N/A |
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
CVE-2001-0650 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
CVE-1999-0215 | 1 Sgi | 1 Irix | 2024-02-04 | 6.4 MEDIUM | N/A |
Routed allows attackers to append data to files. | |||||
CVE-2004-1598 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-02-04 | 5.0 MEDIUM | N/A |
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory. | |||||
CVE-1999-0885 | 1 Computer Software Manufaktur | 1 Alibaba | 2024-02-04 | 3.6 LOW | N/A |
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL. | |||||
CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||||
CVE-2003-1308 | 1 Fvwm | 1 Fvwm | 2024-02-04 | 4.6 MEDIUM | N/A |
CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename. | |||||
CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2024-02-04 | 4.3 MEDIUM | N/A |
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||||
CVE-1999-1190 | 1 Admiral Systems | 1 Emailclub | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message. | |||||
CVE-2002-2200 | 1 Benjamin Lefevre | 1 Dobermann Forum | 2024-02-04 | 7.5 HIGH | N/A |
Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php. | |||||
CVE-2002-2135 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1618. Reason: This candidate is a duplicate of CVE-2002-1618. Notes: All CVE users should reference CVE-2002-1618 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2000-0389 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. | |||||
CVE-2000-0304 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. | |||||
CVE-2000-0435 | 1 Matthew Redman | 1 Allmanage | 2024-02-04 | 7.5 HIGH | N/A |
The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. | |||||
CVE-2001-0641 | 3 Immunix, Redhat, Suse | 3 Immunix, Linux, Suse Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | |||||
CVE-1999-0154 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. | |||||
CVE-2002-1031 | 1 Key Focus | 1 Kf Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. |