Total
253945 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1405 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
| snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | |||||
| CVE-2002-0133 | 1 Avirt | 3 Avirt Gateway, Avirt Gateway Suite, Avirt Soho | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy. | |||||
| CVE-2001-1044 | 1 Basilix | 1 Basilix Webmail | 2024-02-04 | 7.5 HIGH | N/A |
| Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file. | |||||
| CVE-2003-0564 | 1 Hitachi | 2 Groupmax Mail - Security Option, Pki Runtime Library | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
| CVE-2002-0630 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | |||||
| CVE-2001-0212 | 1 His | 1 Auktion | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters. | |||||
| CVE-2001-1494 | 2 Avaya, Kernel | 7 Cvlan, Integrated Management Suit, Interactive Response and 4 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | |||||
| CVE-2001-0309 | 1 Redhat | 1 Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
| CVE-2000-0264 | 1 Panda | 1 Panda Security | 2024-02-04 | 2.1 LOW | N/A |
| Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. | |||||
| CVE-2003-1511 | 1 Bajie | 1 Java Http Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet. | |||||
| CVE-2004-0919 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 4.6 MEDIUM | N/A |
| The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates. | |||||
| CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Denial of service in Linux syslogd via a large number of connections. | |||||
| CVE-2004-1572 | 1 Aj-fork | 1 Aj-fork | 2024-02-04 | 5.0 MEDIUM | N/A |
| AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. | |||||
| CVE-2001-1436 | 1 Dallas Semiconductor | 1 Ibutton | 2024-02-04 | 4.6 MEDIUM | N/A |
| Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password. | |||||
| CVE-2002-1480 | 1 Phpgb | 1 Phpgb | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry. | |||||
| CVE-2003-0165 | 1 Gnome | 1 Eog | 2024-02-04 | 4.6 MEDIUM | N/A |
| Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. | |||||
| CVE-2001-0579 | 1 Sco | 1 Openserver | 2024-02-04 | 7.5 HIGH | N/A |
| lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command. | |||||
| CVE-2001-1022 | 2 Gnu, Jgroff | 2 Groff, Jgroff | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | |||||
| CVE-2002-0912 | 1 Debian | 1 Debian Linux | 2024-02-04 | 5.0 MEDIUM | N/A |
| in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. | |||||
| CVE-2004-1393 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | |||||