Total
254001 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0715 | 1 Squid | 1 Squid | 2024-02-04 | 5.0 MEDIUM | N/A |
Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password. | |||||
CVE-1999-0995 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 7.8 HIGH | N/A |
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request." | |||||
CVE-2001-0492 | 1 Netcruiser Software | 1 Netcruiser Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Netcruiser Web server version 0.1.2.8 and earlier allows remote attackers to determine the physical path of the server via a URL containing (1) con, (2) com2, or (3) com3. | |||||
CVE-2000-0460 | 1 Kde | 1 Kde | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
CVE-2004-1612 | 1 Saleslogix Corporation | 1 Saleslogix | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request. | |||||
CVE-1999-0956 | 1 Next | 1 Nextstep | 2024-02-04 | 7.2 HIGH | N/A |
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service. | |||||
CVE-2004-2141 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1827. Reason: This candidate is a duplicate of CVE-2004-1827. Notes: All CVE users should reference CVE-2004-1827 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2002-0315 | 3 Fasttrack, Grokster, Music City Networks | 3 Kazaa, Grokster, Morpheus | 2024-02-04 | 7.5 HIGH | N/A |
fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header. | |||||
CVE-2002-0621 | 1 Microsoft | 1 Commerce Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer. | |||||
CVE-2000-1018 | 1 Mendel Cooper | 1 Shred | 2024-02-04 | 2.1 LOW | N/A |
shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file. | |||||
CVE-2002-1950 | 1 Phprank | 1 Phprank | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list. | |||||
CVE-2002-1691 | 1 Alcatel-lucent | 1 Omnipcx | 2024-02-04 | 10.0 HIGH | N/A |
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access. | |||||
CVE-2004-1375 | 1 Hp | 1 Hp-ux | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. | |||||
CVE-2001-1286 | 1 Ipswitch | 1 Imail | 2024-02-04 | 7.5 HIGH | N/A |
Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. | |||||
CVE-2003-1074 | 1 Sun | 1 Solaris | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. | |||||
CVE-2003-1116 | 1 Oracle | 1 E-business Suite | 2024-02-04 | 5.0 MEDIUM | N/A |
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. | |||||
CVE-2004-0168 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 10.0 HIGH | N/A |
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging." | |||||
CVE-2004-0015 | 1 Vbox3 | 1 Vbox3 | 2024-02-04 | 7.2 HIGH | N/A |
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges. | |||||
CVE-1999-0909 | 1 Microsoft | 4 Terminal Server, Windows 95, Windows 98se and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. | |||||
CVE-2002-1450 | 1 Ibm | 1 U2 Universe | 2024-02-04 | 5.0 MEDIUM | N/A |
IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. |