Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1134 | 1 Sun | 1 Java | 2024-02-28 | 2.1 LOW | N/A |
Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | |||||
CVE-2004-1640 | 1 Xoops | 1 Xoops Dictionary | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php. | |||||
CVE-2003-1033 | 1 Sap | 1 Sap Db | 2024-02-28 | 7.2 HIGH | N/A |
The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program. | |||||
CVE-2003-0865 | 1 Mpg123 | 1 Mpg123 | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request. | |||||
CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
CVE-2002-0720 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2024-02-28 | 7.2 HIGH | N/A |
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | |||||
CVE-2002-0726 | 1 Microsoft | 1 Tsac Activex Control | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field. | |||||
CVE-2002-1604 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver. | |||||
CVE-1999-1304 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
CVE-1999-0907 | 1 Steven J. Merrifield | 1 Soundcard Cw | 2024-02-28 | 2.1 LOW | N/A |
sccw allows local users to read arbitrary files. | |||||
CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||||
CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2024-02-28 | 5.0 MEDIUM | N/A |
Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | |||||
CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | |||||
CVE-2001-1208 | 1 Daydream | 1 Daydream Bbs | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code. | |||||
CVE-1999-0516 | 2024-02-28 | 7.5 HIGH | N/A | ||
An SNMP community name is guessable. | |||||
CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2024-02-28 | 7.5 HIGH | N/A |
pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
CVE-2002-2071 | 1 Compaq | 1 Tru64 | 2024-02-28 | 5.0 MEDIUM | N/A |
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap. | |||||
CVE-2000-0954 | 1 Evolvable Corporation | 1 Shambala Server | 2024-02-28 | 10.0 HIGH | N/A |
Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server. | |||||
CVE-2003-1036 | 1 Sap | 1 Internet Transaction Server | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header. | |||||
CVE-2002-1553 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-28 | 7.5 HIGH | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist. |