Total
253968 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2263 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2024-02-04 | 6.6 MEDIUM | N/A |
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. | |||||
CVE-2000-0447 | 1 Network Associates | 1 Webshield | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. | |||||
CVE-2002-2410 | 1 Open Webmail | 1 Open Webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | |||||
CVE-2002-2038 | 1 Bill Abt | 1 Next Generation Posix Threading | 2024-02-04 | 3.6 LOW | N/A |
Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods. | |||||
CVE-2001-0764 | 1 Juergen Schoenwaelder | 1 Scotty | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument. | |||||
CVE-2002-1921 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database. | |||||
CVE-2000-1168 | 1 Ibm | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
CVE-2002-0869 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." | |||||
CVE-2001-1544 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. | |||||
CVE-1999-0556 | 2024-02-04 | 10.0 HIGH | N/A | ||
Two or more Unix accounts have the same UID. | |||||
CVE-2003-0027 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. | |||||
CVE-2001-0556 | 1 Nedit | 1 Nedit | 2024-02-04 | 7.2 HIGH | N/A |
The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file. | |||||
CVE-2001-0923 | 1 Redhat | 1 Redhat Package Manager | 2024-02-04 | 7.2 HIGH | N/A |
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried. | |||||
CVE-2004-0846 | 1 Microsoft | 2 Excel, Office | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | |||||
CVE-2001-0480 | 1 Alex Linde | 1 Alexs Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands. | |||||
CVE-2002-0937 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | |||||
CVE-2004-0297 | 1 Ipswitch | 1 Imail | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. | |||||
CVE-2002-0173 | 1 Sgi | 1 Irix | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. | |||||
CVE-2004-2068 | 1 Leafnode | 1 Leafnode | 2024-02-04 | 5.0 MEDIUM | N/A |
fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an empty NNTP news article with missing mandatory headers. | |||||
CVE-2003-0225 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 5.0 MEDIUM | N/A |
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page. |