Total
254057 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0687 | 1 Cgi Script Center | 1 Auction Weaver | 2024-02-04 | 10.0 HIGH | N/A |
| Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter. | |||||
| CVE-2000-0157 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 7.2 HIGH | N/A |
| NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process. | |||||
| CVE-1999-1560 | 1 Tamu | 1 Tiger | 2024-02-04 | 7.2 HIGH | N/A |
| Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root. | |||||
| CVE-2002-0075 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message. | |||||
| CVE-2004-0284 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. | |||||
| CVE-2000-0611 | 1 Netwin | 2 Cwmail, Dmailweb | 2024-02-04 | 5.0 MEDIUM | N/A |
| The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service. | |||||
| CVE-2004-0658 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
| Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket. | |||||
| CVE-2004-1573 | 2 Aj-fork, Cutephp | 2 Aj-fork, Cutenews | 2024-02-04 | 7.2 HIGH | N/A |
| The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator. | |||||
| CVE-1999-1573 | 1 Hp | 1 Hp-ux | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files. | |||||
| CVE-2001-1197 | 1 Kde | 1 Kdeutils | 2024-02-04 | 4.6 MEDIUM | N/A |
| klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | |||||
| CVE-2001-1033 | 1 Compaq | 2 Tru64, Trucluster | 2024-02-04 | 5.0 MEDIUM | N/A |
| Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state. | |||||
| CVE-2001-1364 | 1 Project Purple | 1 Autodns | 2024-02-04 | 7.5 HIGH | N/A |
| Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified. | |||||
| CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-04 | 6.2 MEDIUM | N/A |
| The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | |||||
| CVE-2001-0946 | 1 Redhat | 1 Linux | 2024-02-04 | 3.6 LOW | N/A |
| apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins. | |||||
| CVE-1999-0394 | 2024-02-04 | 10.0 HIGH | N/A | ||
| DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. | |||||
| CVE-2002-1834 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2024-02-04 | 6.4 MEDIUM | N/A |
| The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history. | |||||
| CVE-2003-0151 | 1 Bea | 1 Weblogic Server | 2024-02-04 | 7.5 HIGH | N/A |
| BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code. | |||||
| CVE-2002-1280 | 1 Iss | 1 Realsecure Event Collector | 2024-02-04 | 5.0 MEDIUM | N/A |
| Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash). | |||||
| CVE-2004-1620 | 1 S9y | 1 Serendipity | 2024-02-04 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php. | |||||
| CVE-2000-0842 | 1 Sco | 1 Unixware | 2024-02-04 | 5.0 MEDIUM | N/A |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||