Total
253940 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1027 | 1 Sun | 1 Solaris | 2024-02-04 | 7.2 HIGH | N/A |
Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2024-02-04 | 10.0 HIGH | N/A |
SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | |||||
CVE-2003-0524 | 1 Knoppix | 1 Knoppix | 2024-02-04 | 6.2 MEDIUM | N/A |
Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on the qt_plugins_3.0rc temporary file in the .qt directory. | |||||
CVE-2004-0234 | 8 Clearswift, F-secure, Rarlab and 5 more | 13 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 10 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | |||||
CVE-1999-0845 | 1 Sco | 1 Unixware | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in SCO su program allows local users to gain root access via a long username. | |||||
CVE-2004-2213 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | |||||
CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
CVE-2002-0711 | 1 Hp | 1 Trucluster Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service. | |||||
CVE-2001-1123 | 1 Hp | 1 Openview Network Node Manager | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID. | |||||
CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | |||||
CVE-2004-2196 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2024-02-04 | 5.0 MEDIUM | N/A |
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | |||||
CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
CVE-2002-0470 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2024-02-04 | 7.2 HIGH | N/A |
PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path. | |||||
CVE-1999-0266 | 1 Roar Smith | 1 Info2www | 2024-02-04 | 7.5 HIGH | N/A |
The info2www CGI script allows remote file access or remote command execution. | |||||
CVE-2002-0103 | 1 Oracle | 1 Application Server Web Cache | 2024-02-04 | 4.6 MEDIUM | N/A |
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml. | |||||
CVE-2001-0031 | 1 Broadvision | 1 One-to-one Enterprise Server | 2024-02-04 | 5.0 MEDIUM | N/A |
BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist. | |||||
CVE-2004-1895 | 1 Suse | 1 Suse Linux | 2024-02-04 | 2.1 LOW | N/A |
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. | |||||
CVE-2004-2143 | 1 Mambo | 1 Mambo Portal | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option. | |||||
CVE-2000-0063 | 1 Nortel | 1 Contivity | 2024-02-04 | 5.0 MEDIUM | N/A |
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | |||||
CVE-2002-0308 | 1 Stefan Holmberg | 1 Admentor | 2024-02-04 | 10.0 HIGH | N/A |
admin.asp in AdMentor 2.11 allows remote attackers to bypass authentication and gain privileges via a SQL injection attack on the Login and Password arguments. |