Total
258813 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0010 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. | |||||
CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | |||||
CVE-2003-0498 | 1 Intersystems | 1 Cache Database | 2024-02-04 | 7.2 HIGH | N/A |
Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges. | |||||
CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2024-02-04 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
CVE-2004-0281 | 1 Caucho | 1 Resin | 2024-02-04 | 5.0 MEDIUM | N/A |
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows. | |||||
CVE-2002-0748 | 1 National Instruments | 1 Labview | 2024-02-04 | 5.0 MEDIUM | N/A |
LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations. | |||||
CVE-2001-0209 | 1 Shoutcast | 1 Dnas | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1.7.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long description. | |||||
CVE-2002-1024 | 1 Cisco | 4 Catos, Css11000 Content Services Switch, Ios and 1 more | 2024-02-04 | 7.1 HIGH | N/A |
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). | |||||
CVE-2001-1506 | 1 Hp | 1 Secure Os | 2024-02-04 | 4.6 MEDIUM | N/A |
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files. | |||||
CVE-2000-0698 | 1 Minicom | 1 Minicom | 2024-02-04 | 5.0 MEDIUM | N/A |
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack. | |||||
CVE-2002-2263 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2024-02-04 | 6.6 MEDIUM | N/A |
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. | |||||
CVE-2000-0447 | 1 Network Associates | 1 Webshield | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. | |||||
CVE-2002-2410 | 1 Open Webmail | 1 Open Webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | |||||
CVE-2002-2038 | 1 Bill Abt | 1 Next Generation Posix Threading | 2024-02-04 | 3.6 LOW | N/A |
Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods. | |||||
CVE-2001-0764 | 1 Juergen Schoenwaelder | 1 Scotty | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument. | |||||
CVE-2002-1921 | 1 Oracle | 1 Mysql | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database. | |||||
CVE-2000-1168 | 1 Ibm | 1 Http Server | 2024-02-04 | 7.5 HIGH | N/A |
IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
CVE-2002-0869 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-04 | 7.5 HIGH | N/A |
Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." | |||||
CVE-2001-1544 | 1 Macromedia | 1 Jrun | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. | |||||
CVE-1999-0556 | 2024-02-04 | 10.0 HIGH | N/A | ||
Two or more Unix accounts have the same UID. |