Total
254034 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1397 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory. | |||||
| CVE-2003-0489 | 1 Michael C. Toren | 1 Tcptraceroute | 2024-02-04 | 7.2 HIGH | N/A |
| tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute. | |||||
| CVE-1999-1445 | 1 Slackware | 1 Slackware Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords. | |||||
| CVE-2002-1384 | 2 Easy Software Products, Xpdf | 2 Cups, Xpdf | 2024-02-04 | 7.2 HIGH | N/A |
| Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | |||||
| CVE-1999-0127 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. | |||||
| CVE-2004-1655 | 1 Phpwebsite | 1 Phpwebsite | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) CM_pid parameter in the comments module or (2) the subject or message fields in the notes module. | |||||
| CVE-2000-0297 | 1 Allaire | 1 Forums | 2024-02-04 | 6.4 MEDIUM | N/A |
| Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. | |||||
| CVE-2002-1052 | 1 W3c | 1 Jigsaw | 2024-02-04 | 5.0 MEDIUM | N/A |
| Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | |||||
| CVE-2002-1751 | 1 Cgiscript.net | 1 Cslivesupport | 2024-02-04 | 5.0 MEDIUM | N/A |
| csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | |||||
| CVE-2002-0288 | 1 Bbshareware.com | 1 Phusion Webserver | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request. | |||||
| CVE-2001-0187 | 1 Washington University | 1 Wu-ftpd | 2024-02-04 | 10.0 HIGH | N/A |
| Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. | |||||
| CVE-2000-0757 | 1 Aptis Software | 1 Totalbill | 2024-02-04 | 10.0 HIGH | N/A |
| The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed. | |||||
| CVE-1999-0846 | 1 Deerfield | 1 Mdaemon | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in MDaemon 2.7 via a large number of connection attempts. | |||||
| CVE-2002-1178 | 1 Jetty | 1 Jetty Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory. | |||||
| CVE-2001-1346 | 2 Broadcom, Ca | 2 Arcserve Backup, Arcserve Backup | 2024-02-04 | 1.2 LOW | N/A |
| Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | |||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2024-02-04 | 2.1 LOW | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | |||||
| CVE-2004-0039 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI. | |||||
| CVE-2003-0254 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. | |||||
| CVE-2002-0190 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | |||||
| CVE-1999-0905 | 1 Axent | 1 Raptor Firewall | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in Axent Raptor firewall via malformed zero-length IP options. | |||||