Total
28989 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1805 | 1 Epic Games | 1 Unreal Engine | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. | |||||
CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | |||||
CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||
CVE-2002-1672 | 1 Webmin | 1 Webmin | 2024-02-28 | 2.1 LOW | N/A |
Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the credentials. | |||||
CVE-1999-1096 | 1 Kde | 1 Kde | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. | |||||
CVE-1999-0589 | 2024-02-28 | 10.0 HIGH | N/A | ||
A system-critical Windows NT registry key has inappropriate permissions. | |||||
CVE-2004-0999 | 1 Zgv | 1 Zgv Image Viewer | 2024-02-28 | 2.6 LOW | N/A |
zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images. | |||||
CVE-2003-0136 | 1 Astart Technologies | 1 Lprng | 2024-02-28 | 2.1 LOW | N/A |
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file. | |||||
CVE-2003-0303 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2024-02-28 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. | |||||
CVE-2001-0547 | 1 Microsoft | 1 Isa Server | 2024-02-28 | 2.1 LOW | N/A |
Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion). | |||||
CVE-2002-1839 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message. | |||||
CVE-1999-0189 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. | |||||
CVE-2000-0901 | 1 Juergen | 1 Weigert Screen | 2024-02-28 | 4.6 MEDIUM | N/A |
Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable. | |||||
CVE-2002-0648 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file. | |||||
CVE-1999-0515 | 2024-02-28 | 10.0 HIGH | N/A | ||
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. | |||||
CVE-2004-0125 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table. | |||||
CVE-2000-0708 | 1 Pragma Systems | 1 Telnetserver | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port. | |||||
CVE-2000-0356 | 1 Redhat | 1 Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts. | |||||
CVE-2002-1293 | 1 Microsoft | 1 Java Virtual Machine | 2024-02-28 | 7.5 HIGH | N/A |
The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method. | |||||
CVE-2004-0309 | 1 Zonelabs | 2 Integrity, Zonealarm | 2024-02-28 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. |