Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0653 | 2024-02-28 | 10.0 HIGH | N/A | ||
A component service related to NIS+ is running. | |||||
CVE-1999-1143 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs. | |||||
CVE-2004-2234 | 1 Moodle | 1 Moodle | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | |||||
CVE-2000-0955 | 1 Cisco | 1 Virtual Central Office 4000 | 2024-02-28 | 7.5 HIGH | N/A |
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges. | |||||
CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Teardrop IP denial of service. | |||||
CVE-2002-0955 | 1 Yabb | 1 Yabb | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message. | |||||
CVE-2002-0795 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | |||||
CVE-2002-2175 | 1 Php | 1 Phpsquidpass | 2024-02-28 | 4.0 MEDIUM | N/A |
phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username. | |||||
CVE-2002-0530 | 1 Novell | 1 Web Search | 2024-02-28 | 5.1 MEDIUM | N/A |
Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter. | |||||
CVE-2002-1640 | 1 Oracle | 1 Configurator | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet. | |||||
CVE-2002-0231 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname. | |||||
CVE-2002-0431 | 1 Dave Lawrence | 1 Xtux | 2024-02-28 | 5.0 MEDIUM | N/A |
XTux allows remote attackers to cause a denial of service (CPU consumption) via random inputs in the initial connection. | |||||
CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | |||||
CVE-2003-0406 | 1 Palmvnc | 1 Palmvnc | 2024-02-28 | 7.2 HIGH | N/A |
PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges. | |||||
CVE-2004-2014 | 1 Gnu | 1 Wget | 2024-02-28 | 2.6 LOW | N/A |
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | |||||
CVE-2001-0815 | 1 Activestate | 1 Activeperl | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension. | |||||
CVE-2003-0846 | 1 Suse | 1 Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | |||||
CVE-2000-0053 | 1 Microsoft | 1 Commercial Internet System | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. | |||||
CVE-2004-1612 | 1 Saleslogix Corporation | 1 Saleslogix | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request. | |||||
CVE-2000-0860 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. |