Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0109 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. | |||||
CVE-1999-0756 | 1 Allaire | 1 Coldfusion Server | 2024-02-28 | 5.0 MEDIUM | N/A |
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. | |||||
CVE-2004-1862 | 1 Xmb Forum | 1 Xmb | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, (4) message or icons parameter to post.php, (5) threadlist, pagelinks, forumlist, navigation, or (6) forumdisplay parameter to forumdisplay.php. | |||||
CVE-2003-0976 | 1 Novell | 1 Netware | 2024-02-28 | 7.5 HIGH | N/A |
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. | |||||
CVE-1999-0511 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.5 HIGH | N/A |
IP forwarding is enabled on a machine which is not a router or firewall. | |||||
CVE-2001-1430 | 1 Cayman | 1 3220-h Dsl Router | 2024-02-28 | 7.5 HIGH | N/A |
Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access. | |||||
CVE-2001-0107 | 1 Symantec Veritas | 1 Backup | 2024-02-28 | 5.0 MEDIUM | N/A |
Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang. | |||||
CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 6.2 MEDIUM | N/A |
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | |||||
CVE-2002-2009 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | N/A |
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. | |||||
CVE-2001-0325 | 1 Qnx | 1 Rtp | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | |||||
CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2024-02-28 | 5.0 MEDIUM | N/A |
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | |||||
CVE-2004-0700 | 2 Gentoo, Mod Ssl | 2 Linux, Mod Ssl | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | |||||
CVE-2001-0721 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | |||||
CVE-2003-0938 | 1 Sap | 1 Sap Db | 2024-02-28 | 7.2 HIGH | N/A |
vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure. | |||||
CVE-1999-0675 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host. | |||||
CVE-1999-0314 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. | |||||
CVE-2000-0358 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program. | |||||
CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2024-02-28 | 4.6 MEDIUM | N/A |
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | |||||
CVE-2003-0852 | 2 Sylpheed, Sylpheed-claws | 2 Sylpheed, Sylpheed-claws | 2024-02-28 | 5.0 MEDIUM | N/A |
Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. | |||||
CVE-2004-1793 | 1 Yatsoft | 1 Switch Off | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. |