Total
253921 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0915 | 1 Berkeley | 1 Pmake | 2024-02-04 | 7.2 HIGH | N/A |
| Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. | |||||
| CVE-1999-1236 | 1 True North | 1 Internet Anywhere Mail Server | 2024-02-04 | 4.6 MEDIUM | N/A |
| Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. | |||||
| CVE-2002-0003 | 1 Gnu | 1 Groff | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | |||||
| CVE-2000-0546 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. | |||||
| CVE-2003-0946 | 1 Clam Anti-virus | 1 Clamav | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command. | |||||
| CVE-2002-1499 | 1 Factosystem | 1 Factosystem Weblog | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) the email parameter in holdcomment.asp. | |||||
| CVE-2003-0653 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
| The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | |||||
| CVE-2001-1424 | 1 Alcatel | 1 Speed Touch Home | 2024-02-04 | 7.5 HIGH | N/A |
| Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | |||||
| CVE-2002-0599 | 1 Blahz-dns | 1 Blahz-dns | 2024-02-04 | 10.0 HIGH | N/A |
| Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen. | |||||
| CVE-2003-1420 | 1 Opera | 1 Opera Browser | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. | |||||
| CVE-2002-0052 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files. | |||||
| CVE-2003-1147 | 2024-02-04 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0955. Reason: This candidate is a duplicate of CVE-2003-0955. Notes: All CVE users should reference CVE-2003-0955 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2002-1926 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP query string. | |||||
| CVE-2002-0312 | 1 Essen | 1 Essentia Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2002-1011 | 1 Ibm | 1 Tivoli Management Framework | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
| procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | |||||
| CVE-1999-0422 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
| In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. | |||||
| CVE-2002-2368 | 1 Nec | 1 Socks 5 | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module. | |||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2024-02-04 | 1.2 LOW | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-2001-0482 | 1 Argus Systems | 1 Pitbull Lx | 2024-02-04 | 7.2 HIGH | N/A |
| Configuration error in Argus PitBull LX allows root users to bypass specified access control restrictions and cause a denial of service or execute arbitrary commands by modifying kernel variables such as MaxFiles, MaxInodes, and ModProbePath in /proc/sys via calls to sysctl. | |||||