Total: 253942 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2024-02-04 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
CVE-2001-0204 | 1 Watchguard | 1 Firebox Ii | 2024-02-04 | 5.0 MEDIUM | N/A |
Watchguard Firebox II allows remote attackers to cause a denial of service by establishing multiple connections and sending malformed PPTP packets. | |||||
CVE-2000-0679 | 1 Cvs | 1 Cvs | 2024-02-04 | 2.1 LOW | N/A |
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files. | |||||
CVE-1999-0773 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Solaris lpset program allows local users to gain root access. | |||||
CVE-2000-0144 | 1 Axis | 1 700 Network Document Server | 2024-02-04 | 7.5 HIGH | N/A |
Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. | |||||
CVE-2004-0742 | 1 Sun | 1 Java System Calendar Server | 2024-02-04 | 10.0 HIGH | N/A |
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view. | |||||
CVE-2002-2084 | 1 Portix-php | 1 Portix-php | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters. | |||||
CVE-1999-0904 | 1 Byte Fusion | 1 Bftelnet | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username. | |||||
CVE-2000-0145 | 1 Debian | 1 Debian Linux | 2024-02-04 | 7.5 HIGH | N/A |
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions. | |||||
CVE-2004-0590 | 3 Frees Wan, Openswan, Strongswan | 4 Frees Wan, Super Frees Wan, Openswan and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject. | |||||
CVE-2001-0984 | 1 Counterpane | 1 Password Safe | 2024-02-04 | 4.6 MEDIUM | N/A |
Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password database on minimize and prompt on restore" options enabled, which could allow an attacker with access to the memory (e.g. an administrator) to read the passwords. | |||||
CVE-2002-0959 | 1 Splatt | 1 Splatt Forum | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script. | |||||
CVE-1999-0118 | 1 Ibm | 1 Aix | 2024-02-04 | 7.2 HIGH | N/A |
AIX infod allows local users to gain root access through an X display. | |||||
CVE-2004-1452 | 1 Gentoo | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. | |||||
CVE-2001-0605 | 1 Headlight Software | 1 Mygetright | 2024-02-04 | 7.5 HIGH | N/A |
Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data. | |||||
CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||
CVE-2002-0680 | 3 Goahead Software, Montavista Software, Orange Software | 3 Goahead Webserver, Hard Hat Linux, Orange Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228. | |||||
CVE-2002-0987 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.2 HIGH | N/A |
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges. | |||||
CVE-2002-0240 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. | |||||
CVE-2000-0350 | 1 Networkice | 1 Icecap Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events. |