Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0255 | 1 Gnu | 1 Privacy Guard | 2024-02-28 | 10.0 HIGH | N/A |
The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. | |||||
CVE-2004-1660 | 1 Cutephp | 1 Cutenews | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php. | |||||
CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | |||||
CVE-2004-0650 | 1 Newatlanta | 1 Servletexec | 2024-02-28 | 10.0 HIGH | N/A |
UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote attackers to upload and execute arbitrary files via a direct call to the UploadServlet URL. | |||||
CVE-2002-1771 | 1 Matt Wright | 1 Formmail | 2024-02-28 | 5.0 MEDIUM | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables. | |||||
CVE-2000-1239 | 1 Ibm | 1 Tivoli Management Framework | 2024-02-28 | 9.0 HIGH | N/A |
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files. | |||||
CVE-2000-0650 | 1 Network Associates | 2 Netshield, Virusscan | 2024-02-28 | 2.1 LOW | N/A |
The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse. | |||||
CVE-2003-0091 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege. | |||||
CVE-2001-0151 | 1 Microsoft | 1 Internet Information Services | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests. | |||||
CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
CVE-1999-1086 | 1 Novell | 1 Netware | 2024-02-28 | 10.0 HIGH | N/A |
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | |||||
CVE-2003-0606 | 2 Cvsup, Sup | 2 Cvsup-mirror, Sup | 2024-02-28 | 4.6 MEDIUM | N/A |
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | |||||
CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | |||||
CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||||
CVE-2002-1624 | 1 Ibm | 1 Lotus Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters. | |||||
CVE-2003-0247 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). | |||||
CVE-2001-0208 | 1 Microfocus | 1 Cobol | 2024-02-28 | 4.6 MEDIUM | N/A |
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files. | |||||
CVE-2003-0112 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. | |||||
CVE-2002-0342 | 1 Kde | 1 K-mail | 2024-02-28 | 5.0 MEDIUM | N/A |
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long. | |||||
CVE-1999-1501 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. |