Total
256646 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0854 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2024-02-04 | 2.1 LOW | N/A |
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | |||||
CVE-1999-0334 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. | |||||
CVE-2002-0421 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. | |||||
CVE-2000-0890 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 1.2 LOW | N/A |
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-0758 | 1 Mozilla | 1 Mozilla | 2024-02-04 | 5.0 MEDIUM | N/A |
Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid. | |||||
CVE-2001-0437 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2024-02-04 | 5.0 MEDIUM | N/A |
upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file. | |||||
CVE-1999-1574 | 1 Ibm | 1 Aix | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." | |||||
CVE-1999-0675 | 1 Checkpoint | 1 Firewall-1 | 2024-02-04 | 5.0 MEDIUM | N/A |
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host. | |||||
CVE-1999-0933 | 1 Teamshare | 1 Teamtrack | 2024-02-04 | 5.0 MEDIUM | N/A |
TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2002-0742 | 1 Ibm | 1 Aix | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in pioout on AIX 4.3.3. | |||||
CVE-2002-0394 | 1 Red-m | 1 1050ap Lan Acess Point | 2024-02-04 | 10.0 HIGH | N/A |
Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords. | |||||
CVE-2004-0580 | 1 Linksys | 12 Befcmu10, Befn2ps4, Befsr11 and 9 more | 2024-02-04 | 5.0 MEDIUM | N/A |
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. | |||||
CVE-2004-0058 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file. | |||||
CVE-2004-1827 | 2 Simple Machines, Yabb | 2 Simple Machines Smf, Yabb | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags. | |||||
CVE-2002-1084 | 1 Visualshapers | 1 Ezcontents | 2024-02-04 | 6.4 MEDIUM | N/A |
The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests. | |||||
CVE-2004-0114 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. | |||||
CVE-2003-0286 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. | |||||
CVE-2004-1979 | 1 Props | 1 Props | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter. | |||||
CVE-2003-0295 | 1 Jelsoft | 1 Vbulletin | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability. | |||||
CVE-2004-1676 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message. |