Total
254124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1809 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database. | |||||
CVE-1999-1347 | 1 Redhat | 1 Linux | 2024-02-04 | 4.6 MEDIUM | N/A |
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm. | |||||
CVE-2001-1541 | 1 Bsdi | 1 Bsd Os | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument. | |||||
CVE-2004-1941 | 1 Fastream | 1 Netfile Ftp Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to cause a denial of service via a username that does not exist. | |||||
CVE-1999-1572 | 5 Debian, Freebsd, Mandrakesoft and 2 more | 6 Debian Linux, Freebsd, Mandrake Linux and 3 more | 2024-02-04 | 2.1 LOW | N/A |
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. | |||||
CVE-2001-0021 | 1 Endymion | 1 Mailman Webmail | 2024-02-04 | 10.0 HIGH | N/A |
MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter. | |||||
CVE-2000-1236 | 1 Oracle | 1 Application Server | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | |||||
CVE-1999-0290 | 1 Qbik | 1 Wingate | 2024-02-04 | 5.0 MEDIUM | N/A |
The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost. | |||||
CVE-2000-0221 | 1 Nortel | 1 Nautica Marlin | 2024-02-04 | 5.0 MEDIUM | N/A |
The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port. | |||||
CVE-2001-1257 | 1 Horde | 1 Imp | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email. | |||||
CVE-2002-1006 | 1 Bbc Education | 1 Betsie | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl. | |||||
CVE-2001-1395 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.6 LOW | N/A |
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact. | |||||
CVE-1999-1049 | 1 Broadcom | 1 Arcserve Backup | 2024-02-04 | 10.0 HIGH | N/A |
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. | |||||
CVE-2002-0816 | 1 Compaq | 1 Tru64 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument. | |||||
CVE-2004-2051 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL. | |||||
CVE-2003-1384 | 1 Py Software | 1 Py-livredor | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields. | |||||
CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2024-02-04 | 4.6 MEDIUM | N/A |
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | |||||
CVE-2001-1363 | 1 Phpwebsite Development Team | 1 Phpwebsite | 2024-02-04 | 10.0 HIGH | N/A |
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges. | |||||
CVE-2001-0011 | 1 Isc | 1 Bind | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
CVE-2004-1367 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2024-02-04 | 4.4 MEDIUM | N/A |
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password. |