Total
253993 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1022 | 1 Working Resources Inc. | 1 Badblue | 2024-02-04 | 7.5 HIGH | N/A |
| BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. | |||||
| CVE-2004-1853 | 1 Atari | 1 Terminator 3 War Of The Machines | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote attackers to cause a denial of service via a long ServerInfo variable. | |||||
| CVE-1999-1583 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument. | |||||
| CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
| CVE-2004-0209 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2024-02-04 | 10.0 HIGH | N/A |
| Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | |||||
| CVE-2002-2046 | 1 Xqus | 1 X-news | 2024-02-04 | 7.5 HIGH | N/A |
| x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | |||||
| CVE-1999-0460 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. | |||||
| CVE-2000-0228 | 1 Microsoft | 1 Windows Media Rights Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. | |||||
| CVE-2003-1098 | 1 Hp | 1 Hp-ux | 2024-02-04 | 7.2 HIGH | N/A |
| The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. | |||||
| CVE-1999-0645 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IRC service is running." | |||||
| CVE-2003-0779 | 1 Digium | 1 Asterisk | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | |||||
| CVE-2003-0796 | 1 Sgi | 1 Irix | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled. | |||||
| CVE-1999-1072 | 1 Excite | 1 Ews | 2024-02-04 | 7.2 HIGH | N/A |
| Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi. | |||||
| CVE-2004-1858 | 1 Hp | 1 Web Jetadmin | 2024-02-04 | 5.0 MEDIUM | N/A |
| HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character. | |||||
| CVE-2000-1085 | 1 Microsoft | 2 Data Engine, Sql Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2004-1189 | 1 Mit | 1 Kerberos 5 | 2024-02-04 | 7.2 HIGH | N/A |
| The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow. | |||||
| CVE-1999-0947 | 1 An | 1 An-httpd | 2024-02-04 | 7.5 HIGH | N/A |
| AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2003-0214 | 1 Debian | 1 Mime-support | 2024-02-04 | 4.6 MEDIUM | N/A |
| run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-1999-0786 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 4.6 MEDIUM | N/A |
| The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. | |||||
| CVE-1999-0169 | 1 Sun | 1 Nfs | 2024-02-04 | 10.0 HIGH | N/A |
| NFS allows attackers to read and write any file on the system by specifying a false UID. | |||||