Total
254017 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0277 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
The WorkMan program can be used to overwrite any file to get root access. | |||||
CVE-1999-0750 | 1 Microsoft | 1 Hotmail | 2024-02-04 | 5.1 MEDIUM | N/A |
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | |||||
CVE-2003-1067 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions. | |||||
CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2024-02-04 | 5.0 MEDIUM | N/A |
The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
CVE-2002-1622 | 1 Ibm | 1 Aix | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type." | |||||
CVE-2003-0956 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.6 LOW | N/A |
Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018. | |||||
CVE-1999-1071 | 1 Excite | 1 Ews | 2024-02-04 | 7.2 HIGH | N/A |
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | |||||
CVE-1999-0676 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. | |||||
CVE-2000-0617 | 1 Stanley T. Shebs | 1 Xconq | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable. | |||||
CVE-2004-2045 | 1 Conceptronic | 1 Cadslr1 Adsl Router | 2024-02-04 | 5.0 MEDIUM | N/A |
The HTTP administration interface on Conceptronic CADSLR1 ADSL router running firmware 3.04n allows remote attackers to cause a denial of service (device reboot) via an HTTP request with a long username. | |||||
CVE-2001-0564 | 1 Apc | 1 Ap9606 | 2024-02-04 | 5.0 MEDIUM | N/A |
APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card. | |||||
CVE-2004-0931 | 1 Mysql | 1 Maxdb | 2024-02-04 | 5.0 MEDIUM | N/A |
MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function. | |||||
CVE-1999-0996 | 1 Infoseek | 1 Ultraseek Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. | |||||
CVE-2001-0132 | 1 Trend Micro | 1 Interscan Viruswall | 2024-02-04 | 1.2 LOW | N/A |
Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2024-02-04 | 6.0 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | |||||
CVE-2002-1758 | 1 Phprojekt | 1 Phprojekt | 2024-02-04 | 5.0 MEDIUM | N/A |
PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scripts that do not verify if the user is logged in. | |||||
CVE-1999-0474 | 1 Mirabilis | 1 Icq | 2024-02-04 | 5.0 MEDIUM | N/A |
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. | |||||
CVE-1999-1464 | 1 Cisco | 1 Ios | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | |||||
CVE-1999-1302 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2024-02-04 | 7.2 HIGH | N/A |
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
CVE-2004-1240 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2004. Notes: none. |