Total
28982 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0164 | 1 Sun | 1 Solaris Isp Server | 2024-02-28 | 7.2 HIGH | N/A |
The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. | |||||
CVE-2004-0452 | 1 Larry Wall | 1 Perl | 2024-02-28 | 2.6 LOW | N/A |
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack. | |||||
CVE-2001-1059 | 1 Vmware | 1 Workstation | 2024-02-28 | 3.6 LOW | N/A |
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. | |||||
CVE-1999-0089 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in AIX libDtSvc library can allow local users to gain root access. | |||||
CVE-2003-0564 | 1 Hitachi | 2 Groupmax Mail - Security Option, Pki Runtime Library | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
CVE-1999-0215 | 1 Sgi | 1 Irix | 2024-02-28 | 6.4 MEDIUM | N/A |
Routed allows attackers to append data to files. | |||||
CVE-2003-0126 | 1 Multitech | 1 Routefinder 550 Vpn | 2024-02-28 | 7.5 HIGH | N/A |
The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities. | |||||
CVE-2003-0102 | 2 File, Netbsd | 2 File, Netbsd | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | |||||
CVE-2001-0038 | 1 Metaproducts | 1 Offline Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter (e.g. C:) in the requested URL. | |||||
CVE-2000-1028 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument. | |||||
CVE-2004-1455 | 1 Xine | 1 Xine-lib | 2024-02-28 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL. | |||||
CVE-2002-1020 | 1 Adobe | 1 Adobe Content Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available. | |||||
CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | |||||
CVE-2003-0086 | 1 Samba | 1 Samba | 2024-02-28 | 1.2 LOW | N/A |
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | |||||
CVE-2004-1743 | 1 Efs Software | 1 Efs Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder. | |||||
CVE-2002-1344 | 2 Gnu, Sun | 2 Wget, Cobalt Raq Xtr | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. | |||||
CVE-2004-0301 | 1 Ecommerce Corporation Online | 1 Store Kit | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter. | |||||
CVE-2001-1312 | 1 Ibm | 1 Lotus Domino R5 | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-1999-0171 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Denial of service in syslog by sending it a large number of superfluous messages. | |||||
CVE-2002-0893 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences. |