Total
253945 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0987 | 1 Caldera | 2 Openunix, Unixware | 2024-02-04 | 7.2 HIGH | N/A |
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges. | |||||
CVE-2002-0240 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. | |||||
CVE-2000-0350 | 1 Networkice | 1 Icecap Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events. | |||||
CVE-1999-0033 | 5 Ibm, Ncr, Sco and 2 more | 7 Aix, Mp-ras, Open Desktop and 4 more | 2024-02-04 | 7.2 HIGH | N/A |
Command execution in Sun systems via buffer overflow in the at program. | |||||
CVE-2002-1793 | 1 Hp | 2 Virtualvault, Vvos | 2024-02-04 | 5.0 MEDIUM | N/A |
HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service. | |||||
CVE-1999-0955 | 1 Washington University | 1 Wu-ftpd | 2024-02-04 | 7.6 HIGH | N/A |
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. | |||||
CVE-2002-0319 | 1 Powie | 1 Pforum | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username. | |||||
CVE-2003-1052 | 1 Ibm | 2 Db2, Db2 Universal Database | 2024-02-04 | 7.2 HIGH | N/A |
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. | |||||
CVE-2004-2080 | 1 Red-m | 1 Red-alert | 2024-02-04 | 5.0 MEDIUM | N/A |
Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID. | |||||
CVE-2003-0084 | 1 Mod Auth Any | 1 Mod Auth Any | 2024-02-04 | 7.5 HIGH | N/A |
mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2003-0506 | 1 Microsoft | 1 Netmeeting | 2024-02-04 | 5.0 MEDIUM | N/A |
Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shutdown of NetMeeting conference) via malformed packets, as demonstrated via the chat conversation. | |||||
CVE-2001-0940 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. | |||||
CVE-2001-0569 | 1 Zope | 1 Zope | 2024-02-04 | 2.1 LOW | N/A |
Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet. | |||||
CVE-2001-0846 | 1 Lotus | 1 Domino | 2024-02-04 | 10.0 HIGH | N/A |
Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). | |||||
CVE-2003-0656 | 1 Eroaster | 1 Eroaster | 2024-02-04 | 2.1 LOW | N/A |
eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile. | |||||
CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||
CVE-2001-1142 | 1 Argosoft | 1 Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges. | |||||
CVE-1999-1436 | 1 Ray Chan | 1 Www Authorization Gateway | 2024-02-04 | 7.5 HIGH | N/A |
Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter. | |||||
CVE-2000-0925 | 1 Smartwin Technology | 1 Cyberoffice Shopping Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information. | |||||
CVE-2000-0068 | 1 Intel | 1 Inbusiness Email Station | 2024-02-04 | 7.5 HIGH | N/A |
daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail. |