Total
28988 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0979 | 1 Sco | 1 Unixware | 2024-02-28 | 7.2 HIGH | N/A |
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. | |||||
CVE-2004-0151 | 1 Xintercepttalk | 1 Xitalk | 2024-02-28 | 7.2 HIGH | N/A |
Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands. | |||||
CVE-2004-0058 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file. | |||||
CVE-2000-0891 | 1 Ibm | 1 Lotus Notes | 2024-02-28 | 7.5 HIGH | N/A |
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | |||||
CVE-2003-1045 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 5.0 MEDIUM | N/A |
votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter. | |||||
CVE-1999-0376 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. | |||||
CVE-2002-0418 | 1 Endymion | 1 Sake Mail | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter. | |||||
CVE-2000-0964 | 1 Siemens | 1 Hinet Lp | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2024-02-28 | 7.8 HIGH | N/A |
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
CVE-2000-0006 | 2 Linux, Paul Kranenburg | 2 Linux Kernel, Strace | 2024-02-28 | 2.6 LOW | N/A |
strace allows local users to read arbitrary files via memory mapped file names. | |||||
CVE-2001-1169 | 1 Bell Communications Research | 1 S Key | 2024-02-28 | 7.5 HIGH | N/A |
keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo. | |||||
CVE-2001-0716 | 1 Citrix | 1 Metaframe | 2024-02-28 | 5.0 MEDIUM | N/A |
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server. | |||||
CVE-2002-1537 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 10.0 HIGH | N/A |
admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u". | |||||
CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | |||||
CVE-2004-1526 | 1 New Media Generation | 1 Hired Team Trial | 2024-02-28 | 7.5 HIGH | N/A |
Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players off the server, including the administrator. | |||||
CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2024-02-28 | 5.0 MEDIUM | N/A |
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | |||||
CVE-2003-0444 | 1 Gtksee | 1 Gtksee | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths. | |||||
CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Land IP denial of service. | |||||
CVE-2002-2006 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | N/A |
The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets. |