Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0450 | 1 Log2mail | 1 Log2mail | 2024-02-28 | 10.0 HIGH | N/A |
| Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail. | |||||
| CVE-2004-2097 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
| Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd. | |||||
| CVE-2001-1088 | 1 Microsoft | 2 Outlook, Outlook Express | 2024-02-28 | 7.5 HIGH | N/A |
| Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user. | |||||
| CVE-2003-1170 | 1 Gernot Stocker | 1 Kpopup | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | |||||
| CVE-2000-0998 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
| Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function. | |||||
| CVE-2003-1181 | 1 Advanced Poll | 1 Advanced Poll | 2024-02-28 | 5.0 MEDIUM | N/A |
| Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. | |||||
| CVE-2001-0743 | 1 Oreilly | 1 Webboard | 2024-02-28 | 5.0 MEDIUM | N/A |
| Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands. | |||||
| CVE-2000-0026 | 2 Sco, Windowmaker | 2 Unixware, Wmmon | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. | |||||
| CVE-2002-0790 | 1 Ibm | 1 Aix | 2024-02-28 | 2.1 LOW | N/A |
| clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. | |||||
| CVE-2003-0538 | 1 Mozart | 1 Mozart | 2024-02-28 | 7.5 HIGH | N/A |
| The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program. | |||||
| CVE-2004-0909 | 1 Mozilla | 2 Mozilla, Thunderbird | 2024-02-28 | 5.1 MEDIUM | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages. | |||||
| CVE-1999-1215 | 1 Novell | 1 Netware | 2024-02-28 | 4.6 MEDIUM | N/A |
| LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | |||||
| CVE-2003-0263 | 1 Floosietek | 1 Ftgatepro | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | |||||
| CVE-2003-0607 | 1 Stanley T. Shebs | 1 Xconq | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. | |||||
| CVE-2004-0014 | 1 Nd | 1 Nd | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings. | |||||
| CVE-1999-1057 | 1 Digital | 1 Vms | 2024-02-28 | 4.6 MEDIUM | N/A |
| VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command. | |||||
| CVE-2002-0372 | 1 Microsoft | 1 Windows Media Player | 2024-02-28 | 7.5 HIGH | N/A |
| Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player". | |||||
| CVE-2002-0748 | 1 National Instruments | 1 Labview | 2024-02-28 | 5.0 MEDIUM | N/A |
| LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations. | |||||
| CVE-2001-0764 | 1 Juergen Schoenwaelder | 1 Scotty | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument. | |||||
| CVE-2001-0568 | 1 Zope | 1 Zope | 2024-02-28 | 2.1 LOW | N/A |
| Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes. | |||||