Total: 28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0762 | 2 Broadcom, Ca | 2 Etrust Access Control, Etrust Access Control | 2024-02-28 | 10.0 HIGH | N/A |
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges. | |||||
CVE-2001-1353 | 1 Aladdin Enterprises | 1 Ghostscript | 2024-02-28 | 2.6 LOW | N/A |
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled. | |||||
CVE-2001-0501 | 1 Microsoft | 1 Word | 2024-02-28 | 4.6 MEDIUM | N/A |
Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner. | |||||
CVE-1999-1158 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. | |||||
CVE-1999-0941 | 1 Mutt | 1 Mutt | 2024-02-28 | 7.5 HIGH | N/A |
Mutt mail client allows a remote attacker to execute commands via shell metacharacters. | |||||
CVE-2002-1630 | 1 Oracle | 1 Application Server | 2024-02-28 | 7.5 HIGH | N/A |
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails. | |||||
CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | |||||
CVE-2004-2198 | 1 Duware | 1 Duclassmate | 2024-02-28 | 6.4 MEDIUM | N/A |
account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page. | |||||
CVE-2004-1399 | 1 Opentools | 1 Attachment Mod | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the Attachment module 2.3.10 and earlier for phpBB allows remote attackers to read arbitrary files via a .. (dot dot) in the filename. | |||||
CVE-2002-0416 | 1 Sh39 | 1 Mailserver | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port. | |||||
CVE-2000-0622 | 1 Oreilly | 1 Website Professional | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter. | |||||
CVE-2003-0133 | 1 Gnome | 1 Gtkhtml | 2024-02-28 | 5.0 MEDIUM | N/A |
GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. | |||||
CVE-2003-1510 | 1 Rit Research Labs | 1 Tinyweb | 2024-02-28 | 7.8 HIGH | N/A |
TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory. | |||||
CVE-2004-0551 | 1 Cisco | 24 Catalyst 2901, Catalyst 2902, Catalyst 2926 and 21 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack." | |||||
CVE-2002-0077 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. | |||||
CVE-2000-0520 | 1 Stelian | 1 Pop Dump | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name. | |||||
CVE-2003-0805 | 1 University Of Minnesota | 1 Gopherd | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allow attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type. | |||||
CVE-2002-0375 | 1 Ecometry | 1 Sgdynamo | 2024-02-28 | 5.0 MEDIUM | N/A |
Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows remote attackers to execute arbitrary Javascript via a URL with the script in the HTNAME parameter. | |||||
CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||||
CVE-2004-0541 | 1 National Science Foundation | 1 Squid Web Proxy Cache | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). |