Total: 253847 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0851 | 1 Microsoft | 1 Windows 2000 | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability. | |||||
CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2024-02-04 | 7.5 HIGH | N/A |
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
CVE-2004-1599 | 1 Coolphp | 1 Coolphpweb Portal | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to execute arbitrary web script or HTML via the (1) query or (2) nick parameters. | |||||
CVE-2000-0369 | 1 Caldera | 1 Openlinux | 2024-02-04 | 5.0 MEDIUM | N/A |
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service. | |||||
CVE-2002-1481 | 1 Phpgb | 1 Phpgb | 2024-02-04 | 7.5 HIGH | N/A |
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php. | |||||
CVE-2001-0751 | 1 Cisco | 1 Cbos | 2024-02-04 | 7.5 HIGH | N/A |
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | |||||
CVE-2002-1612 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
CVE-2004-1729 | 1 Nihuo Software | 1 Web Log Analyzer | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | |||||
CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2024-02-04 | 6.4 MEDIUM | N/A |
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | |||||
CVE-2003-0025 | 1 Horde | 1 Imp | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. | |||||
CVE-1999-0027 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
root privileges via buffer overflow in eject command on SGI IRIX systems. | |||||
CVE-2003-0499 | 1 Mantis | 1 Mantis | 2024-02-04 | 3.6 LOW | N/A |
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations. | |||||
CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2024-02-04 | 6.9 MEDIUM | N/A |
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | |||||
CVE-2002-0026 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made. | |||||
CVE-2002-1235 | 3 Debian, Kth, Mit | 4 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The kadm_ser_in function in (1) the Kerberos v4 compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | |||||
CVE-1999-0754 | 1 Isc | 1 Inn | 2024-02-04 | 10.0 HIGH | N/A |
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. | |||||
CVE-2001-0525 | 1 Suse | 1 Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument. | |||||
CVE-2001-0442 | 1 David Harris | 1 Mercury Nlm | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command. | |||||
CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. |