Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | |||||
| CVE-1999-1439 | 1 Gcc | 1 Gcc | 2024-02-28 | 2.1 LOW | N/A |
| gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files. | |||||
| CVE-2000-0746 | 1 Microsoft | 3 Frontpage, Internet Information Server, Internet Information Services | 2024-02-28 | 7.5 HIGH | N/A |
| Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities. | |||||
| CVE-2003-0109 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. | |||||
| CVE-2002-0153 | 1 Microsoft | 1 Ie | 2024-02-28 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability. | |||||
| CVE-2004-0951 | 1 Hp | 1 Ignite-ux | 2024-02-28 | 7.5 HIGH | N/A |
| The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2004-0017 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. | |||||
| CVE-2001-0272 | 1 W3.org | 1 Sendtemp.pl | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter. | |||||
| CVE-2002-1093 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2024-02-28 | 5.0 MEDIUM | N/A |
| HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | |||||
| CVE-2004-0369 | 2 Entrust, Symantec | 5 Entrust Libkmp Isakmp Library, Enterprise Firewall, Gateway Security 5300 and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. | |||||
| CVE-2002-0747 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in lsmcode in AIX 4.3.3. | |||||
| CVE-1999-0072 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in AIX xdat gives root access to local users. | |||||
| CVE-2003-0997 | 1 Broadcom | 1 Unicenter Remote Control Host | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service). | |||||
| CVE-2002-1402 | 1 Postgresql | 1 Postgresql | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-0804 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 7.5 HIGH | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname. | |||||
| CVE-2001-0196 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 5.0 MEDIUM | N/A |
| inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group. | |||||
| CVE-2004-2142 | 1 Jorg Schilling | 1 Sdd | 2024-02-28 | 10.0 HIGH | N/A |
| Unknown vulnerability in the remote tape support (remote.c) in the RMT client for Jorg Schilling sdd 1.28 and 1.31 has unknown impact and attack vectors. | |||||
| CVE-2004-0565 | 4 Gentoo, Linux, Mandrakesoft and 1 more | 6 Linux, Linux Kernel, Mandrake Linux and 3 more | 2024-02-28 | 2.1 LOW | N/A |
| Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. | |||||
| CVE-2004-1141 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | N/A |
| The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory. | |||||
| CVE-1999-0340 | 1 Slackware | 1 Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in Linux Slackware crond program allows local users to gain root access. | |||||