Total
253939 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2024-02-04 | 6.4 MEDIUM | N/A |
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | |||||
CVE-2003-0025 | 1 Horde | 1 Imp | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. | |||||
CVE-1999-0027 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
root privileges via buffer overflow in eject command on SGI IRIX systems. | |||||
CVE-2003-0499 | 1 Mantis | 1 Mantis | 2024-02-04 | 3.6 LOW | N/A |
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations. | |||||
CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2024-02-04 | 6.9 MEDIUM | N/A |
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | |||||
CVE-2002-0026 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made. | |||||
CVE-2002-1235 | 3 Debian, Kth, Mit | 4 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | |||||
CVE-1999-0754 | 1 Isc | 1 Inn | 2024-02-04 | 10.0 HIGH | N/A |
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. | |||||
CVE-2001-0525 | 1 Suse | 1 Suse Linux | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument. | |||||
CVE-2001-0442 | 1 David Harris | 1 Mercury Nlm | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command. | |||||
CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2024-02-04 | 7.2 HIGH | N/A |
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. | |||||
CVE-2000-0234 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2024-02-04 | 5.0 MEDIUM | N/A |
The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. | |||||
CVE-2002-0541 | 1 Ibm | 1 Tivoli Storage Manager | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581. | |||||
CVE-2002-2228 | 1 Mailscanner | 1 Mailscanner | 2024-02-04 | 6.4 MEDIUM | N/A |
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | |||||
CVE-2002-2374 | 1 Sun | 1 Patchpro | 2024-02-04 | 10.0 HIGH | N/A |
Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
CVE-2003-0281 | 1 Firebirdsql | 1 Firebird | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop. | |||||
CVE-2004-2184 | 1 Digicraft Software | 1 Yak | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put. | |||||
CVE-1999-0093 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. | |||||
CVE-2000-0954 | 1 Evolvable Corporation | 1 Shambala Server | 2024-02-04 | 10.0 HIGH | N/A |
Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server. |