Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1370 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.2 HIGH | N/A |
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs. | |||||
CVE-2000-0003 | 1 Sco | 1 Unixware | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | |||||
CVE-2003-0030 | 1 Protegrity | 1 Secure.data | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select. | |||||
CVE-2004-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | |||||
CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2024-02-04 | 7.8 HIGH | N/A |
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
CVE-2002-2019 | 1 Oscommerce | 1 Oscommerce | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter. | |||||
CVE-2001-0966 | 1 Nudester.org | 1 Nudester | 2024-02-04 | 10.0 HIGH | N/A |
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command. | |||||
CVE-1999-0531 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO." | |||||
CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2024-02-04 | 6.2 MEDIUM | N/A |
Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | |||||
CVE-2004-0149 | 1 Xboing | 1 Xboing | 2024-02-04 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges. | |||||
CVE-2004-0873 | 1 Apple | 2 Ichat, Ichat Av | 2024-02-04 | 7.5 HIGH | N/A |
Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program. | |||||
CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-1999-1197 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges. | |||||
CVE-2002-0767 | 1 Richard Gooch | 1 Simpleinit | 2024-02-04 | 7.2 HIGH | N/A |
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges. | |||||
CVE-2002-2134 | 1 Peel | 1 Peel | 2024-02-04 | 5.0 MEDIUM | N/A |
haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file. | |||||
CVE-2001-1306 | 1 Sun | 1 Iplanet Directory Server | 2024-02-04 | 7.5 HIGH | N/A |
iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2000-0724 | 1 Helix Code | 1 Go-gnome Pre-installer | 2024-02-04 | 6.2 MEDIUM | N/A |
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files. | |||||
CVE-2004-1939 | 1 Rhinosoft | 1 Zaep Antispam | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter. | |||||
CVE-2002-2206 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 7.8 HIGH | N/A |
The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries. | |||||
CVE-2002-1967 | 1 Mark Hanson | 1 Xircon | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command. |