Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1296 | 1 Mit | 1 Kerberos 5 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable. | |||||
CVE-2002-2046 | 1 Xqus | 1 X-news | 2024-02-28 | 7.5 HIGH | N/A |
x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | |||||
CVE-2003-0127 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | |||||
CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2024-02-28 | 7.5 HIGH | N/A |
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | |||||
CVE-2004-2012 | 3 Netbsd, Niels, Vladimir Kotal | 3 Netbsd, Provos Systrace, Systrace Port For Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges. | |||||
CVE-2004-1445 | 1 Nessus | 1 Nessus | 2024-02-28 | 3.7 LOW | N/A |
A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR environment variable is not set, allows local users to gain privileges. | |||||
CVE-2001-1309 | 1 Ibm | 1 Secureway Directory | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2000-0721 | 1 Multisoft | 1 Flagship | 2024-02-28 | 6.2 MEDIUM | N/A |
The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses. | |||||
CVE-2003-0769 | 1 Mirabilis | 1 Icq | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field. | |||||
CVE-2003-0669 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 1.2 LOW | N/A |
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users. | |||||
CVE-1999-0190 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. | |||||
CVE-1999-0098 | 3 Apple, Pmail, Seattlelab | 3 Appleshare, Mercury Mail Server, Slmail | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. | |||||
CVE-2001-0336 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. | |||||
CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2024-02-28 | 7.5 HIGH | N/A |
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
CVE-2002-1008 | 1 Summit Computer Networks | 1 Lil Http Server | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request. | |||||
CVE-2002-1842 | 1 Perlbot | 1 Perlbot | 2024-02-28 | 7.5 HIGH | N/A |
Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (1) a word that is being spell checked or (2) an e-mail address. | |||||
CVE-2001-0315 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-28 | 7.5 HIGH | N/A |
The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key. | |||||
CVE-2004-1556 | 1 Mywebserver | 1 Mywebserver | 2024-02-28 | 5.0 MEDIUM | N/A |
MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time. | |||||
CVE-2001-1083 | 1 Icecast | 1 Icecast | 2024-02-28 | 5.0 MEDIUM | N/A |
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | |||||
CVE-2001-0744 | 1 Horde | 1 Imp | 2024-02-28 | 2.1 LOW | N/A |
Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file. |