Total
254106 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0808 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 7.5 HIGH | N/A |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs. | |||||
CVE-2001-1578 | 1 Sco | 1 Openserver | 2024-02-04 | 2.1 LOW | N/A |
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors. | |||||
CVE-2002-2380 | 2 Arescom, Microsoft | 2 Netdsl, Network Firmware | 2024-02-04 | 6.4 MEDIUM | N/A |
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic. | |||||
CVE-2002-2293 | 1 Twofold Photos | 1 Webshots Desktop | 2024-02-04 | 4.6 MEDIUM | N/A |
Webshots Desktop screensaver allows local users to bypass the password on the screensaver by pressing CTRL-ALT-DELETE and (1) hitting the cancel button or (2) killing the screensaver from the task manager. | |||||
CVE-2002-1443 | 1 Google | 1 Toolbar | 2024-02-04 | 5.0 MEDIUM | N/A |
The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler. | |||||
CVE-2004-0479 | 1 Microsoft | 1 Ie | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference. | |||||
CVE-2003-1265 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2024-02-04 | 2.1 LOW | N/A |
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. | |||||
CVE-2002-0045 | 2 Openldap, Redhat | 2 Openldap, Linux | 2024-02-04 | 7.5 HIGH | N/A |
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | |||||
CVE-2004-1510 | 1 Webcalendar | 1 Webcalendar | 2024-02-04 | 7.5 HIGH | N/A |
WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_entry.php or (2) upcoming.php. | |||||
CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2024-02-04 | 10.0 HIGH | N/A |
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
CVE-1999-0527 | 2024-02-04 | 10.0 HIGH | N/A | ||
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. | |||||
CVE-2004-1323 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. | |||||
CVE-2003-1110 | 1 Columbia University | 1 Sipc | 2024-02-04 | 7.5 HIGH | N/A |
The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
CVE-2002-0655 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2001-0719 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file. | |||||
CVE-1999-0714 | 1 Digital | 1 Unix | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in Compaq Tru64 UNIX edauth command. | |||||
CVE-2002-0439 | 1 Caupo.net | 1 Cauposhop | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field. | |||||
CVE-2001-1396 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.6 LOW | N/A |
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact. | |||||
CVE-2004-1618 | 1 Vypress | 1 Tonecast | 2024-02-04 | 5.0 MEDIUM | N/A |
Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream. | |||||
CVE-1999-0399 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-04 | 7.5 HIGH | N/A |
The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands. |