Vulnerabilities (CVE)

Total 260444 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-0725 1 Zope 1 Zope 2024-02-04 7.2 HIGH N/A
Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request.
CVE-2004-1482 1 Bnc 1 Bnc 2024-02-04 7.5 HIGH N/A
The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts.
CVE-1999-0233 1 Microsoft 1 Internet Information Services 2024-02-04 10.0 HIGH N/A
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
CVE-2004-1144 1 Linux 1 Linux Kernel 2024-02-04 7.2 HIGH N/A
Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.
CVE-2002-2367 1 Socks5 1 Socks5 2024-02-04 7.8 HIGH N/A
Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname.
CVE-2004-0266 1 Francisco Burzi 1 Php-nuke 2024-02-04 5.0 MEDIUM N/A
SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter.
CVE-2001-0182 1 Checkpoint 1 Firewall-1 2024-02-04 5.0 MEDIUM N/A
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources.
CVE-2003-1534 1 Justice Media 1 Guestbook 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables.
CVE-1999-1493 1 Hp 1 Apollo Domain Os 2024-02-04 10.0 HIGH N/A
Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
CVE-2002-1183 1 Microsoft 3 Windows 98, Windows 98se, Windows Nt 2024-02-04 7.5 HIGH N/A
Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).
CVE-2004-0735 1 Electronic Arts 1 Medal Of Honor Allied Assault 2024-02-04 7.5 HIGH N/A
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
CVE-2004-1000 1 Debian 1 Lintian 2024-02-04 2.1 LOW N/A
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
CVE-1999-0892 1 Netscape 1 Communicator 2024-02-04 4.6 MEDIUM N/A
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
CVE-2002-1571 1 Linux 1 Linux Kernel 2024-02-04 2.1 LOW N/A
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.
CVE-1999-1069 1 Icat 1 Electronic Commerce Suite 2024-02-04 5.0 MEDIUM N/A
Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter.
CVE-2004-0085 1 Apple 1 Mac Os X 2024-02-04 5.0 MEDIUM N/A
Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086.
CVE-2001-1515 1 Microsoft 1 Windows 2000 2024-02-04 5.0 MEDIUM 7.5 HIGH
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.
CVE-2002-1386 1 Ehud Gavron 1 Tracesroute 2024-02-04 4.6 MEDIUM N/A
Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.
CVE-2002-1718 1 Microsoft 1 Internet Information Services 2024-02-04 5.0 MEDIUM N/A
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.
CVE-2002-0498 1 Etnus 1 Totalview 2024-02-04 4.6 MEDIUM N/A
Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users.