Total
253999 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1256 | 1 Hp | 1 Hp-ux | 2024-02-04 | 1.2 LOW | N/A |
kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files. | |||||
CVE-2004-2004 | 1 Suse | 1 Suse Linux | 2024-02-04 | 10.0 HIGH | N/A |
The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH. | |||||
CVE-2001-0752 | 1 Cisco | 1 Cbos | 2024-02-04 | 5.0 MEDIUM | N/A |
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | |||||
CVE-2003-0872 | 1 Sco | 1 Openserver | 2024-02-04 | 2.1 LOW | N/A |
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files. | |||||
CVE-2000-0505 | 2 Apache, Ibm | 2 Http Server, Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. | |||||
CVE-2002-0204 | 1 Gnu | 1 Chess | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | |||||
CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | |||||
CVE-1999-0316 | 1 Sam Lantinga | 1 Splitvt | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Linux splitvt command gives root access to local users. | |||||
CVE-1999-1212 | 1 Sun | 1 Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges. | |||||
CVE-2003-1241 | 1 Levcgi.com | 1 Myguestbook | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. | |||||
CVE-2001-1077 | 1 Rxvt | 1 Rxvt | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument. | |||||
CVE-1999-1007 | 1 Vdonet | 1 Vdolive Player | 2024-02-04 | 7.6 HIGH | N/A |
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file. | |||||
CVE-2002-1956 | 1 Rox | 1 Filer | 2024-02-04 | 2.1 LOW | N/A |
ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files. | |||||
CVE-2001-0175 | 1 Netscape | 1 Fasttrack Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. | |||||
CVE-2004-1956 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 5.0 MEDIUM | N/A |
PostNuke 0.7.2.6 allows remote attackers to gain information via a direct HTTP request to files in the (1) includes/blocks directory, (2) pnadodb directory, (3) NS-NewUser module, (4) NS-Your_Account, (5) NS-LostPassword module, or (6) NS-User module which reveals the path to the web server in a PHP error message. | |||||
CVE-2004-2024 | 1 Zen Cart | 1 Zen Cart | 2024-02-04 | 7.5 HIGH | N/A |
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | |||||
CVE-2002-0507 | 2 Microsoft, Rsa | 2 Exchange Server, Securid | 2024-02-04 | 2.1 LOW | N/A |
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. | |||||
CVE-2004-1440 | 1 Putty | 1 Putty | 2024-02-04 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication. | |||||
CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2024-02-04 | 4.6 MEDIUM | N/A |
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | |||||
CVE-2002-1847 | 1 Microsoft | 1 Windows Media Player | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability. |